Open Network Foundation ONOS Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Open Network Foundation (ONOS) version 2.7.0. This issue allows attackers to disrupt service by sending crafted packets that flood the system. The malicious IPv4 packets bypass the P4 program filters in 'basic.p4' or 'fabric.p4', but fail during deserialization in the ONOS core. This deserialization error prevents applications from processing other packets necessary for registering hosts and links.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing disruptions in normal network operations by preventing the registration of hosts and links.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

7.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

7.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Open Network Foundation ONOS Denial-of-Service Vulnerability

Vulnerability

Impact

Affected Products

Open Network Foundation ONOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating