CVE-2014-4167
Published: 18 June 2014
The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.
Priority
Status
Package | Release | Status |
---|---|---|
neutron Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
saucy |
Released
(1:2013.2.3-0ubuntu1.5)
|
|
trusty |
Released
(1:2014.1-0ubuntu1.3)
|
|
upstream |
Pending
(2013.2.4, 1:2014.1.1-0ubuntu1, 2014.2.b1)
|
|
Patches: upstream: https://review.openstack.org/95939 upstream: https://review.openstack.org/95938 upstream: https://review.openstack.org/88584 |