Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!Close

CVE-2014-7821

Published: 24 November 2014

OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.

Notes

AuthorNote
mdeslaur
perhaps the following commit should also be used:
https://git.openstack.org/cgit/openstack/neutron/commit/?h=stable/icehouse&id=d39349cf47dfe9ac3f52089402d69cd1be8b013b

Priority

Low

Status

Package Release Status
neutron
Launchpad, Ubuntu, Debian
upstream Needs triage

lucid Does not exist

precise Does not exist

trusty Does not exist
(trusty was released [1:2014.1.4-0ubuntu1])
utopic Not vulnerable
(1:2014.2.1-0ubuntu1)
vivid Not vulnerable
(1:2015.1~b1-0ubuntu5)
Patches:
upstream: https://git.openstack.org/cgit/openstack/neutron/commit/?id=ab7ea069de5cecf1c26af50996a26e1a7f86def4 (icehouse)
upstream: https://git.openstack.org/cgit/openstack/neutron/commit/?id=d39349cf47dfe9ac3f52089402d69cd1be8b013b (icehouse)