ONOS
cpe:2.3:a:onosproject:onos:*:*:*:*:*:*:*
- 2.7.0
A vulnerability in ONOS version 2.7.0 allows attackers to alter the link type of a device connected to a legacy switch, changing it from indirect to direct. This modification can lead to misinterpretations of the physical link status by the controller, causing disruptions such as incorrect link weight calculations and flow table issues.
Altering the link type can mislead the ONOS controller's management of network flows and link weights, potentially allowing for traditional switch attacks, such as MAC spoofing, to be executed.
The vulnerability can be reproduced by sending crafted LLDP (Link Layer Discovery Protocol) packets from a host connected to a legacy switch. These packets can be used to change the link type recognized by the ONOS controller, which can then be exploited by manipulating network flows or link weights.
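A detection-side check for the behaviour described above, added here as an example and not taken from ONOS or from this advisory: it compares two polls of the controller's link inventory and flags any link whose type moved from INDIRECT to DIRECT, and also checks links an operator has pinned as crossing a legacy switch. The record shape (src/dst connect points plus a type string), the function names and the device IDs are assumptions constructed for illustration.

```python
"""Flag link-type changes from INDIRECT to DIRECT between controller link snapshots."""

def make_link(src_dev, src_port, dst_dev, dst_port, link_type):
    # Assumed record shape: src/dst connect points plus a type string.
    return {"src": {"device": src_dev, "port": src_port},
            "dst": {"device": dst_dev, "port": dst_port},
            "type": link_type, "state": "ACTIVE"}

S1, S2, S3 = "of:0000000000000001", "of:0000000000000002", "of:0000000000000003"

# Constructed sample polls (not captured from a real controller).
BEFORE = {"links": [make_link(S1, "3", S2, "3", "INDIRECT"),  # path through a legacy switch
                    make_link(S1, "1", S3, "1", "DIRECT")]}
AFTER = {"links": [make_link(S1, "3", S2, "3", "DIRECT"),     # same endpoints, type changed
                   make_link(S1, "1", S3, "1", "DIRECT"),     # unchanged
                   make_link(S2, "4", S3, "4", "DIRECT")]}    # newly discovered link

def link_key(link):
    """Identify a link by its two connect points, independent of its type."""
    return (link["src"]["device"], str(link["src"]["port"]),
            link["dst"]["device"], str(link["dst"]["port"]))

def index_links(snapshot):
    """Map each link key to its reported type (upper-cased)."""
    return {link_key(l): str(l.get("type", "")).upper()
            for l in snapshot.get("links", [])}

def indirect_to_direct(before, after):
    """Links present in both polls whose type went INDIRECT -> DIRECT."""
    old, new = index_links(before), index_links(after)
    return sorted(k for k, t in new.items()
                  if t == "DIRECT" and old.get(k) == "INDIRECT")

def violates_baseline(expected_indirect, snapshot):
    """Links the operator pinned as INDIRECT that the controller now reports as DIRECT.

    Catches the case where the first poll was taken after the type had already changed.
    """
    current = index_links(snapshot)
    return sorted(k for k in expected_indirect if current.get(k) == "DIRECT")

if __name__ == "__main__":
    for key in indirect_to_direct(BEFORE, AFTER):
        print("ALERT link type INDIRECT -> DIRECT:", key)
```

A link that first appears as DIRECT is not reported by the transition check, which is why the pinned baseline of links known to cross legacy switches is kept separately.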