oss-sec mailing list archives
CVE request for vulnerability in OpenStack Neutron
From: Tristan Cacqueray <tdecacqu () redhat com>
Date: Fri, 10 Jun 2016 15:07:19 +0000
A vulnerability was discovered in OpenStack (see below). In order to ensure full traceability, we need a CVE number assigned that we can attach to further notifications. This issue is already public, although an advisory was not sent yet.

Title: Neutron IPTables firewall anti-spoof protection bypass
Reporter: Romain Aviolat (Nagravision) and Dustin Lundquist (Blue Box Group, Inc)
Products: Neutron
Affects: <=7.0.4, >=8.0.0 <=8.1.0

Description:
Romain Aviolat from Nagravision and Dustin Lundquist from Blue Box Group, Inc independently reported vulnerabilities in Neutron anti-spoof protection. By forging DHCP discovery messages or non-IP traffic, such as ARP or ICMPv6, an instance may spoof IP or MAC source addresses on attached networks resulting in denial of services and/or traffic interception. Moreover when L2population isn't used, other tenants attached to a shared network are also vulnerable. Neutron setups using the IPTables firewall driver are affected.

References:
https://bugs.launchpad.net/bugs/1502933 (icmpv6)
https://bugs.launchpad.net/bugs/1558658 (mac, dhcp)

Note:
The dhcp fix has been included in the 8.0.0 release and this request probably needs more than one CVE.

Thanks in advance,

--
Tristan Cacqueray
OpenStack Vulnerability Management Team
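A triage check for the exposure conditions stated in the message above (affected version ranges plus use of the IPTables firewall driver), as an added example that is not part of the original post or of OpenStack's code. The function names and sample configurations are constructed for illustration; matching the driver on the substring "iptables" and ignoring any suffix after X.Y.Z are assumptions.

```python
import configparser
import re

# Ranges copied from the message's "Affects:" line: <=7.0.4, >=8.0.0 <=8.1.0
AFFECTED = [((0, 0, 0), (7, 0, 4)), ((8, 0, 0), (8, 1, 0))]

def parse_version(text):
    """Return the leading X.Y.Z of a version string as a tuple of ints."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in m.groups())

def uses_iptables_driver(ini_text):
    """True if [securitygroup] firewall_driver names an iptables driver.

    Assumption: alias and class-path forms both contain "iptables".
    An unset option returns False; check the effective default separately.
    """
    cfg = configparser.ConfigParser(interpolation=None, strict=False)
    cfg.read_string(ini_text)
    driver = cfg.get("securitygroup", "firewall_driver", fallback="")
    return "iptables" in driver.lower()

def triage(version_text, ini_text):
    """Combine the version range and driver conditions from the message."""
    version = parse_version(version_text)
    in_range = any(lo <= version <= hi for lo, hi in AFFECTED)
    iptables = uses_iptables_driver(ini_text)
    return {
        "version_in_affected_range": in_range,
        "iptables_driver": iptables,
        "needs_update": in_range and iptables,
        # Per the message's note, the DHCP fix is already in the 8.0.0 release.
        "dhcp_fix_included": version >= (8, 0, 0),
    }

# Constructed sample agent configurations (not taken from a real deployment).
HYBRID = ("[securitygroup]\nfirewall_driver = "
          "neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver\n")
NOOP = "[securitygroup]\nfirewall_driver = neutron.agent.firewall.NoopFirewallDriver\n"

if __name__ == "__main__":
    for ver, ini in [("7.0.3", HYBRID), ("8.1.0", HYBRID),
                     ("8.1.1", HYBRID), ("8.0.0", NOOP)]:
        print(ver, triage(ver, ini))
```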