CVE-2015-3221
Published: 26 August 2015
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.
Notes
| Author | Note |
|---|---|
| tyhicks | DoS possible by an authenticated user |
| mdeslaur | ipset code introduced in juno |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
neutron Launchpad, Ubuntu, Debian |
precise |
Does not exist
|
| trusty |
Does not exist
(trusty was not-affected [code not present])
|
|
| upstream |
Released
(2015.1.0+2015.06.24.git61.bdf194a0e1-1)
|
|
| utopic |
Ignored
(end of life)
|
|
| vivid |
Not vulnerable
(1:2015.1.1-0ubuntu2)
|
|
|
Patches: upstream: https://review.openstack.org/194696 (juno) upstream: https://review.openstack.org/194697 (kilo) upstream: https://review.openstack.org/194695 (liberty) |
||