OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.
References
Link | Resource |
---|---|
http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html | Vendor Advisory |
http://rhn.redhat.com/errata/RHSA-2015-1680.html | Vendor Advisory |
http://www.securityfocus.com/bid/75368 | Third Party Advisory VDB Entry |
https://bugs.launchpad.net/neutron/+bug/1461054 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 00:48
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool. |
02 Feb 2023, 16:16
Type | Values Removed | Values Added |
---|---|---|
Summary | A Denial-of-Service flaw was found in the OpenStack Networking (neutron) L2 agent when using the iptables firewall driver. By submitting an address pair that is rejected as invalid by the ipset tool (with zero prefix size), an authenticated attacker can cause the L2 agent to crash. | |
References |
|
Information
Published : 2015-08-26 19:59
Updated : 2023-12-10 11:46
NVD link : CVE-2015-3221
Mitre link : CVE-2015-3221
CVE.ORG link : CVE-2015-3221
JSON object : View
Products Affected
openstack
- neutron
CWE
CWE-20
Improper Input Validation