Upstream information

CVE-2012-3449 at MITRE

Description

Open vSwitch 1.4.2 uses world-writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores (National Vulnerability Database)

  Base Score: 3.6
  Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P
  Access Vector: Local
  Access Complexity: Low
  Authentication: None
  Confidentiality Impact: None
  Integrity Impact: Partial
  Availability Impact: Partial

SUSE Bugzilla entry: 774332 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Module for Server Applications 15
  • libopenvswitch-2_8-0 >= 2.8.2-4.16
  • openvswitch >= 2.8.2-4.16
  • openvswitch-devel >= 2.8.2-4.16
Patchnames:
SUSE Linux Enterprise Module for Server Applications 15 GA libopenvswitch-2_8-0
SUSE Linux Enterprise Server 12
  • openvswitch >= 2.1.2-8.9
  • openvswitch-kmp-default >= 2.1.2_k3.12.28_4-8.9
  • openvswitch-kmp-xen >= 2.1.2_k3.12.28_4-8.14
  • openvswitch-switch >= 2.1.2-8.9
Patchnames:
SUSE Linux Enterprise Server 12 GA openvswitch
SUSE Linux Enterprise Server 12 SP1
  • openvswitch >= 2.1.2-4.5.8
  • openvswitch-kmp-default >= 2.1.2_k3.12.49_11-4.5.8
  • openvswitch-kmp-xen >= 2.1.2_k3.12.49_11-4.5.8
  • openvswitch-switch >= 2.1.2-4.5.8
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA openvswitch
SUSE Linux Enterprise Server 12 SP2
  • openvswitch >= 2.5.1-24.15
  • openvswitch-dpdk >= 2.5.1-24.15
  • openvswitch-dpdk-switch >= 2.5.1-24.15
  • openvswitch-switch >= 2.5.1-24.15
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA openvswitch
SUSE Linux Enterprise Server 12 SP3
  • openvswitch >= 2.7.0-2.29
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA openvswitch
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • openvswitch >= 2.5.1-24.15
  • openvswitch-switch >= 2.5.1-24.15
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA openvswitch
openSUSE Tumbleweed
  • openvswitch >= 2.6.1-2.1
  • openvswitch-devel >= 2.6.1-2.1
  • openvswitch-dpdk >= 2.6.1-2.1
  • openvswitch-dpdk-devel >= 2.6.1-2.1
  • openvswitch-dpdk-ovn >= 2.6.1-2.1
  • openvswitch-dpdk-pki >= 2.6.1-2.1
  • openvswitch-dpdk-switch >= 2.6.1-2.1
  • openvswitch-dpdk-test >= 2.6.1-2.1
  • openvswitch-dpdk-vtep >= 2.6.1-2.1
  • openvswitch-ovn >= 2.6.1-2.1
  • openvswitch-pki >= 2.6.1-2.1
  • openvswitch-switch >= 2.6.1-2.1
  • openvswitch-test >= 2.6.1-2.1
  • openvswitch-vtep >= 2.6.1-2.1
  • python-openvswitch >= 2.6.1-2.1
  • python-openvswitch-test >= 2.6.1-2.1
Patchnames:
openSUSE Tumbleweed GA openvswitch