Your submission was sent successfully! Close

CVE-2014-8153

Published: 15 January 2015

The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.

Priority

Medium

Status

Package Release Status
neutron
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

trusty Does not exist
(trusty was not-affected [1:2014.1.3-0ubuntu1.1])
upstream Needs triage

utopic Ignored

vivid Not vulnerable
(1:2015.1~b1-0ubuntu5)
Patches:
upstream: https://review.openstack.org/#/c/141575/ (juno)