OFPFlowStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via inst.length=0.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact partial

Affected Vendors & Products

Vendors Products
Facuet
  • Ryu
Faucet-sdn
  • Ryu

Configuration 1 [-]

cpe:2.3:a:facuet:ryu:4.34:*:*:*:*:*:*:*

No data.

References
Link Providers
https://github.com/faucetsdn/ryu/issues/192 cve-icon cve-icon
History

Tue, 15 Apr 2025 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Facuet
Facuet ryu
CPEs cpe:2.3:a:facuet:ryu:4.34:*:*:*:*:*:*:*
Vendors & Products Facuet
Facuet ryu

Wed, 20 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Faucet-sdn
Faucet-sdn ryu
Weaknesses CWE-835
CPEs cpe:2.3:a:faucet-sdn:ryu:4.34:*:*:*:*:*:*:*
Vendors & Products Faucet-sdn
Faucet-sdn ryu
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-05-05T00:00:00

Updated: 2024-11-20T16:18:27.334Z

Reserved: 2024-05-05T00:00:00

Link: CVE-2024-34487

cve-icon Vulnrichment

Updated: 2024-08-02T02:51:11.534Z

cve-icon NVD

Status : Analyzed

Published: 2024-05-05T03:15:07.167

Modified: 2025-04-15T17:39:27.097

Link: CVE-2024-34487

cve-icon Redhat

No data.