From c78be681f670d0f29648cc427e96128c662b99a0 Mon Sep 17 00:00:00 2001 From: Brendan Scarvell Date: Tue, 17 Nov 2015 18:24:10 +1000 Subject: [PATCH 1/4] Created yaml file for ONOS security advisory Signed-off-by: Brendan Scarvell --- CRSA-2015-0007.yaml | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 CRSA-2015-0007.yaml diff --git a/CRSA-2015-0007.yaml b/CRSA-2015-0007.yaml new file mode 100644 index 0000000..25ca251 --- /dev/null +++ b/CRSA-2015-0007.yaml @@ -0,0 +1,40 @@ +title: 'ONOS: denial-of-service (DoS) due to exception handling while deserializing jumbo frames' + +description: 'It was found that the packet deserializers in ONOS would throw exceptions when handling malformed, truncated or maliciously-crafted packets. The exceptions were not caught and handled, which would result in the relevant switch being disconnected because an exception occurred in an I/O thread. A remote unauthenticated attacker could use this flaw to perform a denial-of-service (DoS) attack by causing ONOS to disconnect switches.' + +references: + - https://wiki.onosproject.org/display/ONOS/Security+advisories + +affected-products: + + - product: CloudRouter + version: + - id: 1.0-beta + component: onos + issues: + - 143 + patches: + - https://gerrit.onosproject.org/#/c/2207/ + +vulnerabilities: + + - cve-id: CVE-2015-3414 + cloudrouter-security-issue: 6 + impact-assessment: + source: 'IIX Product Security' + rating: moderate + assessment: + type: CVSS2 + score: 3.7 + detail: AV:L/AC:H/Au:N/C:P/I:P/A:P + classification: + source: 'IIX Product Security' + type: CWE + detail: TODO + +reporters: + + - name: '' + reported: + - CVE-2015-3414 + - CVE-2015-3416 From caeebb7317e9564c5d0c6aae9c5822eb0f2a1a24 Mon Sep 17 00:00:00 2001 From: Brendan Scarvell Date: Wed, 25 Nov 2015 13:51:08 +1000 Subject: [PATCH 2/4] Filled in extra missing data for advisory Signed-off-by: Brendan Scarvell --- CRSA-2015-0007.yaml | 27 +++++++-------------------- 1 file changed, 7 insertions(+), 20 deletions(-) diff --git a/CRSA-2015-0007.yaml b/CRSA-2015-0007.yaml index 25ca251..6cf27e3 100644 --- a/CRSA-2015-0007.yaml +++ b/CRSA-2015-0007.yaml @@ -7,34 +7,21 @@ references: affected-products: - - product: CloudRouter + - product: ONOS version: - - id: 1.0-beta + - id: 1.3.0 component: onos issues: - - 143 + - 88 patches: - - https://gerrit.onosproject.org/#/c/2207/ + - https://gerrit.onosproject.org/#/c/6137/ vulnerabilities: - - cve-id: CVE-2015-3414 - cloudrouter-security-issue: 6 - impact-assessment: - source: 'IIX Product Security' - rating: moderate - assessment: - type: CVSS2 - score: 3.7 - detail: AV:L/AC:H/Au:N/C:P/I:P/A:P - classification: - source: 'IIX Product Security' - type: CWE - detail: TODO + - cve-id: CVE-2015-TBC reporters: - - name: '' + - name: 'Kashyap Thimmaraju, Liron Schiff and Dr. Stefan Schmid' reported: - - CVE-2015-3414 - - CVE-2015-3416 + - CVE-2015-TBC From cc0aa634efa11f9a879d0356bbab588ecf30b2b9 Mon Sep 17 00:00:00 2001 From: Brendan Scarvell Date: Thu, 26 Nov 2015 14:08:25 +1000 Subject: [PATCH 3/4] CVE has now been assigned. Updated advisory to include it Signed-off-by: Brendan Scarvell --- CRSA-2015-0007.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CRSA-2015-0007.yaml b/CRSA-2015-0007.yaml index 6cf27e3..fb17e41 100644 --- a/CRSA-2015-0007.yaml +++ b/CRSA-2015-0007.yaml @@ -18,10 +18,10 @@ affected-products: vulnerabilities: - - cve-id: CVE-2015-TBC + - cve-id: CVE-2015-7516 reporters: - name: 'Kashyap Thimmaraju, Liron Schiff and Dr. Stefan Schmid' reported: - - CVE-2015-TBC + - CVE-2015-7516 From 21b95c310682652a26a12b3b446b246fb0a32dda Mon Sep 17 00:00:00 2001 From: Brendan Scarvell Date: Sat, 28 Nov 2015 09:30:05 +1000 Subject: [PATCH 4/4] Fixed an incorrect issue ID for advisory Signed-off-by: Brendan Scarvell --- CRSA-2015-0007.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CRSA-2015-0007.yaml b/CRSA-2015-0007.yaml index fb17e41..18431d2 100644 --- a/CRSA-2015-0007.yaml +++ b/CRSA-2015-0007.yaml @@ -12,7 +12,7 @@ affected-products: - id: 1.3.0 component: onos issues: - - 88 + - 143 patches: - https://gerrit.onosproject.org/#/c/6137/