Floodlight Denial-of-Service Vulnerability via Topology Manager and Link Discovery Modules

A denial-of-service vulnerability has been identified in Floodlight version 1.2. This issue allows a local attacker to cause link flooding by exploiting the Topology Manager and Link Discovery modules. The vulnerability arises because the Floodlight controller broadcasts BDDP packets with Controller TLV values greater than its own Controller ID. If no corresponding controller with a larger ID exists in the SDN system, this behavior leads to persistent link flooding.

Impact

Exploitation of this vulnerability causes severe link flooding, degrading the link state and disrupting normal network operations.

Reproduction

To reproduce this vulnerability, start the Floodlight controller and a Mininet instance with OpenFlow 1.3. Open Wireshark to capture packets on a host. Then, send a crafted BDDP packet from the host using a Python script that includes a Controller TLV value larger than the controller's own ID. After sending the packet, observe the link status in Wireshark, which will show the flooding effect.