- Security vulnerabilities fixed in ONOS
- Reporting security vulnerability in ONOS
- ONOS Security Response team
Security vulnerabilities fixed in ONOS
This page lists all security vulnerabilities fixed in ONOS. Each vulnerability is assigned a security impact rating on a four-point scale (low, moderate, important and critical). The versions that are affected by each vulnerability are also listed.
You can find the template demonstrating the structure of advisories here.
[Important] [CVE-2015-1166] onos-of-ctl: denial-of-service (DoS) due to exception handling while deserializing malformed packets
It was found that the packet deserializers in ONOS would throw exceptions when handling malformed, truncated or maliciously-crafted packets. The exceptions were not caught and handled, which would result in the relevant switch being disconnected because an exception occurred in an I/O thread. A remote unauthenticated attacker could use this flaw to perform a denial-of-service (DoS) attack by causing ONOS to disconnect switches. See ONOS-605 for more details.
ONOS 1.0.0 Avocet is confirmed to be affected.
A patched build will be released shortly.
This issue was reported by Charles M.C. Chan and Jonathan Hart.