CVE-2014-8153

Published: 15 January 2015

The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.

Priority

Medium

Status

Package Release Status
neutron
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [1:2014.1.3-0ubuntu1.1])
Patches:
Upstream: https://review.openstack.org/#/c/141575/ (juno)