Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-3221 (GCVE-0-2015-3221)
Vulnerability from cvelistv5
Published
2015-08-26 19:00
Modified
2024-08-06 05:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:39:32.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75368",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75368"
},
{
"name": "[openstack-announce] 20150623 [OSSA 2015-012] Neutron L2 agent DoS through incorrect allowed address pairs (CVE-2015-3221)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/neutron/+bug/1461054"
},
{
"name": "RHSA-2015:1680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1680.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T15:57:02",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "75368",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75368"
},
{
"name": "[openstack-announce] 20150623 [OSSA 2015-012] Neutron L2 agent DoS through incorrect allowed address pairs (CVE-2015-3221)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/neutron/+bug/1461054"
},
{
"name": "RHSA-2015:1680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1680.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-3221",
"datePublished": "2015-08-26T19:00:00",
"dateReserved": "2015-04-10T00:00:00",
"dateUpdated": "2024-08-06T05:39:32.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-3221\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2015-08-26T19:59:03.097\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en OpenStack Neutron en versiones anteriores a 2014.2.4 (juno) y 2015.1.x en versiones anteriores a 2015.1.1 (kilo), cuando se usa el controlador del firewall IPTables, permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda del agente L2) a\u00f1adiendo un par de direcciones que son rechazadas por la herramienta ipset.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:P\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2014.2\",\"versionEndExcluding\":\"2014.2.4\",\"matchCriteriaId\":\"13FD8331-099D-429C-8569-3B14FD379092\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2015.1.0\",\"versionEndExcluding\":\"2015.1.1\",\"matchCriteriaId\":\"2BE8DDAC-B528-41D5-943D-99D619F803B6\"}]}]}],\"references\":[{\"url\":\"http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1680.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/75368\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugs.launchpad.net/neutron/+bug/1461054\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1680.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/75368\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugs.launchpad.net/neutron/+bug/1461054\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
ghsa-wf44-4mgj-rwvx
Vulnerability from github
Published
2022-05-14 02:19
Modified
2023-02-08 18:00
VLAI Severity ?
Summary
OpenStack Neutron Improper Input Validation vulnerability
Details
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "neutron"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2014.2.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "neutron"
},
"ranges": [
{
"events": [
{
"introduced": "2015.1.0"
},
{
"fixed": "2015.1.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2015-3221"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": true,
"github_reviewed_at": "2023-02-08T18:00:32Z",
"nvd_published_at": "2015-08-26T19:59:00Z",
"severity": "MODERATE"
},
"details": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.",
"id": "GHSA-wf44-4mgj-rwvx",
"modified": "2023-02-08T18:00:32Z",
"published": "2022-05-14T02:19:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3221"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2015:1680"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2015-3221"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/neutron/+bug/1461054"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1232284"
},
{
"type": "WEB",
"url": "https://git.openstack.org/cgit/openstack/neutron/commit/?id=9ff6138c47c95034ba845e9448ddffd147b51f38"
},
{
"type": "PACKAGE",
"url": "https://opendev.org/openstack/neutron"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20200228084753/http://www.securityfocus.com/bid/75368"
},
{
"type": "WEB",
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1680.html"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "OpenStack Neutron Improper Input Validation vulnerability"
}
suse-su-2015:2220-1
Vulnerability from csaf_suse
Published
2015-12-07 14:44
Modified
2015-12-07 14:44
Summary
Security update for openstack-nova and openstack-neutron
Notes
Title of the patch
Security update for openstack-nova and openstack-neutron
Description of the patch
This update for openstack-nova and openstack-neutron provides various fixes and improvements.
openstack-nova:
- Fix instance filtering. (bsc#927625)
- Remove error messages from multipath command output before parsing. (bsc#949529)
- Fix live-migration usage of the wrong connector information.
- Added requirement for memcached to python-nova. (bsc#942457)
- Don't expect meta attributes in object_compat that aren't in the db obj. (bsc#949070, CVE-2015-7713)
- Kill rsync/scp processes before deleting instance. (bsc#935017, CVE-2015-3241)
- Sync process utils from oslo for execute callbacks. (bsc#935017, CVE-2015-3241)
- Fix rebuild of an instance with a volume attached.
- Fixes _cleanup_rbd code to capture ImageBusy exception.
- Don't try to confine a non-NUMA instance.
- Include blank volumes in the block device mapping (bsc#945923)
- Delete orphaned instance files from compute nodes (bsc#944178, CVE-2015-3280)
openstack-neutron:
- Fix usage_audit to work with ML2.
- Fix UDP offloading issue with virtio VMs. (bsc#948704)
- Fix ipset can't be destroyed when last rule is deleted.
- Add ARP spoofing protection for LinuxBridge agent.
- Don't use ARP responder for IPv6 addresses in ovs.
- Stop device_owner from being set to 'network:*'. (bsc#943648, CVE-2015-5240)
- NSX-mh: use router_distributed flag.
- NSX-mh: Failover controller connections on socket failures.
- NSX-mh: Prevent failures on router delete.
Patchnames
SUSE-SLE12-CLOUD-5-2015-953
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openstack-nova and openstack-neutron",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for openstack-nova and openstack-neutron provides various fixes and improvements.\n\nopenstack-nova:\n\n- Fix instance filtering. (bsc#927625)\n- Remove error messages from multipath command output before parsing. (bsc#949529)\n- Fix live-migration usage of the wrong connector information.\n- Added requirement for memcached to python-nova. (bsc#942457)\n- Don\u0027t expect meta attributes in object_compat that aren\u0027t in the db obj. (bsc#949070, CVE-2015-7713)\n- Kill rsync/scp processes before deleting instance. (bsc#935017, CVE-2015-3241)\n- Sync process utils from oslo for execute callbacks. (bsc#935017, CVE-2015-3241)\n- Fix rebuild of an instance with a volume attached.\n- Fixes _cleanup_rbd code to capture ImageBusy exception.\n- Don\u0027t try to confine a non-NUMA instance.\n- Include blank volumes in the block device mapping (bsc#945923)\n- Delete orphaned instance files from compute nodes (bsc#944178, CVE-2015-3280)\n\nopenstack-neutron:\n\n- Fix usage_audit to work with ML2.\n- Fix UDP offloading issue with virtio VMs. (bsc#948704)\n- Fix ipset can\u0027t be destroyed when last rule is deleted.\n- Add ARP spoofing protection for LinuxBridge agent.\n- Don\u0027t use ARP responder for IPv6 addresses in ovs.\n- Stop device_owner from being set to \u0027network:*\u0027. (bsc#943648, CVE-2015-5240)\n- NSX-mh: use router_distributed flag.\n- NSX-mh: Failover controller connections on socket failures.\n- NSX-mh: Prevent failures on router delete.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE12-CLOUD-5-2015-953",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_2220-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:2220-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20152220-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:2220-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-December/001724.html"
},
{
"category": "self",
"summary": "SUSE Bug 927625",
"url": "https://bugzilla.suse.com/927625"
},
{
"category": "self",
"summary": "SUSE Bug 935017",
"url": "https://bugzilla.suse.com/935017"
},
{
"category": "self",
"summary": "SUSE Bug 935263",
"url": "https://bugzilla.suse.com/935263"
},
{
"category": "self",
"summary": "SUSE Bug 939691",
"url": "https://bugzilla.suse.com/939691"
},
{
"category": "self",
"summary": "SUSE Bug 942457",
"url": "https://bugzilla.suse.com/942457"
},
{
"category": "self",
"summary": "SUSE Bug 943648",
"url": "https://bugzilla.suse.com/943648"
},
{
"category": "self",
"summary": "SUSE Bug 944178",
"url": "https://bugzilla.suse.com/944178"
},
{
"category": "self",
"summary": "SUSE Bug 945923",
"url": "https://bugzilla.suse.com/945923"
},
{
"category": "self",
"summary": "SUSE Bug 948704",
"url": "https://bugzilla.suse.com/948704"
},
{
"category": "self",
"summary": "SUSE Bug 949070",
"url": "https://bugzilla.suse.com/949070"
},
{
"category": "self",
"summary": "SUSE Bug 949529",
"url": "https://bugzilla.suse.com/949529"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3221 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3241 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3280 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5240 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7713 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7713/"
}
],
"title": "Security update for openstack-nova and openstack-neutron",
"tracking": {
"current_release_date": "2015-12-07T14:44:50Z",
"generator": {
"date": "2015-12-07T14:44:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:2220-1",
"initial_release_date": "2015-12-07T14:44:50Z",
"revision_history": [
{
"date": "2015-12-07T14:44:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "openstack-neutron-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"product": {
"name": "openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"product_id": "openstack-nova-2014.2.4~a0~dev80-14.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"product": {
"name": "openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"product_id": "openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch"
}
},
{
"category": "product_version",
"name": "python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"product": {
"name": "python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"product_id": "python-neutron-2014.2.4~a0~dev103-10.3.noarch"
}
},
{
"category": "product_version",
"name": "python-nova-2014.2.4~a0~dev80-14.1.noarch",
"product": {
"name": "python-nova-2014.2.4~a0~dev80-14.1.noarch",
"product_id": "python-nova-2014.2.4~a0~dev80-14.1.noarch"
}
},
{
"category": "product_version",
"name": "python-python-memcached-1.54-2.1.noarch",
"product": {
"name": "python-python-memcached-1.54-2.1.noarch",
"product_id": "python-python-memcached-1.54-2.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product": {
"name": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-sle12-cloud-compute:5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-2014.2.4~a0~dev80-14.1.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch"
},
"product_reference": "openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch"
},
"product_reference": "openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-neutron-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch"
},
"product_reference": "python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-2014.2.4~a0~dev80-14.1.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch"
},
"product_reference": "python-nova-2014.2.4~a0~dev80-14.1.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-python-memcached-1.54-2.1.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
},
"product_reference": "python-python-memcached-1.54-2.1.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3221"
}
],
"notes": [
{
"category": "general",
"text": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3221",
"url": "https://www.suse.com/security/cve/CVE-2015-3221"
},
{
"category": "external",
"summary": "SUSE Bug 935263 for CVE-2015-3221",
"url": "https://bugzilla.suse.com/935263"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-12-07T14:44:50Z",
"details": "low"
}
],
"title": "CVE-2015-3221"
},
{
"cve": "CVE-2015-3241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3241"
}
],
"notes": [
{
"category": "general",
"text": "OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3241",
"url": "https://www.suse.com/security/cve/CVE-2015-3241"
},
{
"category": "external",
"summary": "SUSE Bug 935017 for CVE-2015-3241",
"url": "https://bugzilla.suse.com/935017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-12-07T14:44:50Z",
"details": "moderate"
}
],
"title": "CVE-2015-3241"
},
{
"cve": "CVE-2015-3280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3280"
}
],
"notes": [
{
"category": "general",
"text": "OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3280",
"url": "https://www.suse.com/security/cve/CVE-2015-3280"
},
{
"category": "external",
"summary": "SUSE Bug 1000443 for CVE-2015-3280",
"url": "https://bugzilla.suse.com/1000443"
},
{
"category": "external",
"summary": "SUSE Bug 944178 for CVE-2015-3280",
"url": "https://bugzilla.suse.com/944178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-12-07T14:44:50Z",
"details": "moderate"
}
],
"title": "CVE-2015-3280"
},
{
"cve": "CVE-2015-5240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5240"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5240",
"url": "https://www.suse.com/security/cve/CVE-2015-5240"
},
{
"category": "external",
"summary": "SUSE Bug 943648 for CVE-2015-5240",
"url": "https://bugzilla.suse.com/943648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-12-07T14:44:50Z",
"details": "low"
}
],
"title": "CVE-2015-5240"
},
{
"cve": "CVE-2015-7713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7713"
}
],
"notes": [
{
"category": "general",
"text": "OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7713",
"url": "https://www.suse.com/security/cve/CVE-2015-7713"
},
{
"category": "external",
"summary": "SUSE Bug 949070 for CVE-2015-7713",
"url": "https://bugzilla.suse.com/949070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-12-07T14:44:50Z",
"details": "moderate"
}
],
"title": "CVE-2015-7713"
}
]
}
suse-su-2015:1890-1
Vulnerability from csaf_suse
Published
2015-10-15 02:07
Modified
2015-10-15 02:07
Summary
Security update for openstack-neutron and crowbar-barclamp-neutron
Notes
Title of the patch
Security update for openstack-neutron and crowbar-barclamp-neutron
Description of the patch
This update provides security fixes and improvements for openstack-neutron and
crowbar-barclamp-neutron.
crowbar-barclamp-neutron:
- Add infoblox support.
- Add configurations required to support DHCP relay.
- Create 'floating' network as 'flat' provider network. (bsc#946882)
- Fix search for Nova instance.
openstack-neutron:
- Fix usage_audit to work with ML2.
- Fix UDP offloading issue with virtio VMs. (bsc#948704)
- Fix ipset can't be destroyed when last rule is deleted.
- Add ARP spoofing protection for LinuxBridge agent.
- Don't use ARP responder for IPv6 addresses in ovs.
- Stop device_owner from being set to 'network:*'. (bsc#943648, CVE-2015-5240)
Patchnames
sleclo50sp3-neutron-201510-12183
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openstack-neutron and crowbar-barclamp-neutron",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update provides security fixes and improvements for openstack-neutron and\ncrowbar-barclamp-neutron.\n\ncrowbar-barclamp-neutron:\n\n- Add infoblox support.\n- Add configurations required to support DHCP relay.\n- Create \u0027floating\u0027 network as \u0027flat\u0027 provider network. (bsc#946882)\n- Fix search for Nova instance.\n\nopenstack-neutron:\n\n- Fix usage_audit to work with ML2.\n- Fix UDP offloading issue with virtio VMs. (bsc#948704)\n- Fix ipset can\u0027t be destroyed when last rule is deleted.\n- Add ARP spoofing protection for LinuxBridge agent.\n- Don\u0027t use ARP responder for IPv6 addresses in ovs.\n- Stop device_owner from being set to \u0027network:*\u0027. (bsc#943648, CVE-2015-5240)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleclo50sp3-neutron-201510-12183",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1890-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1890-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151890-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1890-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-November/001663.html"
},
{
"category": "self",
"summary": "SUSE Bug 935263",
"url": "https://bugzilla.suse.com/935263"
},
{
"category": "self",
"summary": "SUSE Bug 939691",
"url": "https://bugzilla.suse.com/939691"
},
{
"category": "self",
"summary": "SUSE Bug 943648",
"url": "https://bugzilla.suse.com/943648"
},
{
"category": "self",
"summary": "SUSE Bug 946882",
"url": "https://bugzilla.suse.com/946882"
},
{
"category": "self",
"summary": "SUSE Bug 948704",
"url": "https://bugzilla.suse.com/948704"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3221 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5240 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5240/"
}
],
"title": "Security update for openstack-neutron and crowbar-barclamp-neutron",
"tracking": {
"current_release_date": "2015-10-15T02:07:06Z",
"generator": {
"date": "2015-10-15T02:07:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1890-1",
"initial_release_date": "2015-10-15T02:07:06Z",
"revision_history": [
{
"date": "2015-10-15T02:07:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2.noarch",
"product": {
"name": "crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2.noarch",
"product_id": "crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-doc-2014.2.4~a0~dev103-16.4.noarch",
"product": {
"name": "openstack-neutron-doc-2014.2.4~a0~dev103-16.4.noarch",
"product_id": "openstack-neutron-doc-2014.2.4~a0~dev103-16.4.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-neutron-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-server-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-server-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-server-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2.x86_64"
}
},
{
"category": "product_version",
"name": "python-neutron-2014.2.4~a0~dev103-16.2.x86_64",
"product": {
"name": "python-neutron-2014.2.4~a0~dev103-16.2.x86_64",
"product_id": "python-neutron-2014.2.4~a0~dev103-16.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 5",
"product": {
"name": "SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:cloud:5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2.noarch as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2.noarch"
},
"product_reference": "crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-doc-2014.2.4~a0~dev103-16.4.noarch as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-doc-2014.2.4~a0~dev103-16.4.noarch"
},
"product_reference": "openstack-neutron-doc-2014.2.4~a0~dev103-16.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-server-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-server-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-server-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-neutron-2014.2.4~a0~dev103-16.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:python-neutron-2014.2.4~a0~dev103-16.2.x86_64"
},
"product_reference": "python-neutron-2014.2.4~a0~dev103-16.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-3221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3221"
}
],
"notes": [
{
"category": "general",
"text": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 5:crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2.noarch",
"SUSE OpenStack Cloud 5:openstack-neutron-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-doc-2014.2.4~a0~dev103-16.4.noarch",
"SUSE OpenStack Cloud 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-server-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:python-neutron-2014.2.4~a0~dev103-16.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3221",
"url": "https://www.suse.com/security/cve/CVE-2015-3221"
},
{
"category": "external",
"summary": "SUSE Bug 935263 for CVE-2015-3221",
"url": "https://bugzilla.suse.com/935263"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 5:crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2.noarch",
"SUSE OpenStack Cloud 5:openstack-neutron-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-doc-2014.2.4~a0~dev103-16.4.noarch",
"SUSE OpenStack Cloud 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-server-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:python-neutron-2014.2.4~a0~dev103-16.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-10-15T02:07:06Z",
"details": "low"
}
],
"title": "CVE-2015-3221"
},
{
"cve": "CVE-2015-5240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5240"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 5:crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2.noarch",
"SUSE OpenStack Cloud 5:openstack-neutron-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-doc-2014.2.4~a0~dev103-16.4.noarch",
"SUSE OpenStack Cloud 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-server-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:python-neutron-2014.2.4~a0~dev103-16.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5240",
"url": "https://www.suse.com/security/cve/CVE-2015-5240"
},
{
"category": "external",
"summary": "SUSE Bug 943648 for CVE-2015-5240",
"url": "https://bugzilla.suse.com/943648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 5:crowbar-barclamp-neutron-1.9+git.1443859419.95e948a-12.2.noarch",
"SUSE OpenStack Cloud 5:openstack-neutron-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-doc-2014.2.4~a0~dev103-16.4.noarch",
"SUSE OpenStack Cloud 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-ibm-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-mlnx-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-nec-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-nvsd-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-plugin-cisco-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-restproxy-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-ryu-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-server-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-16.2.x86_64",
"SUSE OpenStack Cloud 5:python-neutron-2014.2.4~a0~dev103-16.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-10-15T02:07:06Z",
"details": "low"
}
],
"title": "CVE-2015-5240"
}
]
}
fkie_cve-2015-3221
Vulnerability from fkie_nvd
Published
2015-08-26 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html | Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-1680.html | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/75368 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugs.launchpad.net/neutron/+bug/1461054 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-1680.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75368 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/neutron/+bug/1461054 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13FD8331-099D-429C-8569-3B14FD379092",
"versionEndExcluding": "2014.2.4",
"versionStartIncluding": "2014.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE8DDAC-B528-41D5-943D-99D619F803B6",
"versionEndExcluding": "2015.1.1",
"versionStartIncluding": "2015.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool."
},
{
"lang": "es",
"value": "Vulnerabilidad en OpenStack Neutron en versiones anteriores a 2014.2.4 (juno) y 2015.1.x en versiones anteriores a 2015.1.1 (kilo), cuando se usa el controlador del firewall IPTables, permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda del agente L2) a\u00f1adiendo un par de direcciones que son rechazadas por la herramienta ipset."
}
],
"id": "CVE-2015-3221",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-08-26T19:59:03.097",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1680.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75368"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/neutron/+bug/1461054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1680.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/neutron/+bug/1461054"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2015-3221
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-3221",
"description": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.",
"id": "GSD-2015-3221",
"references": [
"https://www.suse.com/security/cve/CVE-2015-3221.html",
"https://access.redhat.com/errata/RHSA-2015:1680"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-3221"
],
"details": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.",
"id": "GSD-2015-3221",
"modified": "2023-12-13T01:20:07.792567Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html",
"refsource": "MISC",
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2015-1680.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1680.html"
},
{
"name": "http://www.securityfocus.com/bid/75368",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/75368"
},
{
"name": "https://bugs.launchpad.net/neutron/+bug/1461054",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/neutron/+bug/1461054"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c2014.2.4||\u003e=2015.1.0,\u003c2015.1.1",
"affected_versions": "All versions before 2014.2.4, all versions starting from 2015.1.0 before 2015.1.1",
"cvss_v2": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"cwe_ids": [
"CWE-1035",
"CWE-20",
"CWE-937"
],
"date": "2023-02-08",
"description": "A Denial-of-Service flaw was found in the OpenStack Networking (neutron) L2 agent when using the iptables firewall driver. By submitting an address pair that is rejected as invalid by the ipset tool (with zero prefix size), an authenticated attacker can cause the L2 agent to crash.",
"fixed_versions": [
"2014.2.4",
"2015.1.1"
],
"identifier": "CVE-2015-3221",
"identifiers": [
"GHSA-wf44-4mgj-rwvx",
"CVE-2015-3221"
],
"not_impacted": "All versions starting from 2014.2.4 before 2015.1.0, all versions starting from 2015.1.1",
"package_slug": "pypi/neutron",
"pubdate": "2022-05-14",
"solution": "Upgrade to versions 2014.2.4, 2015.1.1 or above.",
"title": "Improper Input Validation",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2015-3221",
"https://bugs.launchpad.net/neutron/+bug/1461054",
"http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html",
"http://rhn.redhat.com/errata/RHSA-2015-1680.html",
"https://access.redhat.com/errata/RHSA-2015:1680",
"https://access.redhat.com/security/cve/CVE-2015-3221",
"https://bugzilla.redhat.com/show_bug.cgi?id=1232284",
"https://git.openstack.org/cgit/openstack/neutron/commit/?id=9ff6138c47c95034ba845e9448ddffd147b51f38",
"https://web.archive.org/web/20200228084753/http://www.securityfocus.com/bid/75368",
"https://github.com/advisories/GHSA-wf44-4mgj-rwvx"
],
"uuid": "77a57405-264d-455f-9a2f-c17afca0e978"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2014.2.4",
"versionStartIncluding": "2014.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2015.1.1",
"versionStartIncluding": "2015.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3221"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[openstack-announce] 20150623 [OSSA 2015-012] Neutron L2 agent DoS through incorrect allowed address pairs (CVE-2015-3221)",
"refsource": "MLIST",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html"
},
{
"name": "RHSA-2015:1680",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1680.html"
},
{
"name": "https://bugs.launchpad.net/neutron/+bug/1461054",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/neutron/+bug/1461054"
},
{
"name": "75368",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75368"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2023-02-13T00:48Z",
"publishedDate": "2015-08-26T19:59Z"
}
}
}
rhsa-2015:1680
Vulnerability from csaf_redhat
Published
2015-08-24 20:12
Modified
2024-11-22 09:20
Summary
Red Hat Security Advisory: openstack-neutron security and bug fix update
Notes
Topic
Updated openstack-neutron packages that fix one security issue are now
available for Red Hat Enterprise Linux OpenStack Platform 6.0
Red Hat Product Security has rated this update as having a Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
OpenStack Networking (Neutron) is a pluggable, scalable, and API-driven
system that provisions networking services to virtual machines. Its main
function is to manage connectivity to and from virtual machines.
A Denial of Service flaw was found in the L2 agent when using the IPTables
firewall driver. By submitting an address pair that will be rejected as
invalid by the ipset tool, an attacker may cause the agent to crash.
(CVE-2015-3221)
Red Hat would like to thank the OpenStack upstream for reporting this
issue. Upstream acknowledges Darragh O'Reilly (HP) as the original reporter.
Additionally, the packages address the following issues:
* Neutron failed to load multiple configuration files. The Puppet recipe
hard-coded the --config-file parameter to a set list of configuration files
and additional files were not loaded, even if specified. This fix creates a
new Neutron configuration directory, /etc/neutron/conf.d, and any .conf
files in that directory are loaded by Puppet and applied to all services.
(BZ#1188480)
* When configuring load balancer as a service, the Neutron configuration
used no group as the default system user group. This group does not exist
in the default Red Hat Enterprise Linux 7 configuration, which caused the
virtual IP address creation to fail with the error "cannot find group id
for 'nogroup'." (BZ#1208002)
* Log rotation was set to one week for Neutron, but that could allow the
log file to grow to be very large before rotating. The default log rotation
policy has been updated to include a size limit of 10MB as well as a time
limit to rotate daily. (BZ#1212442)
* Previously, dnsmasq did not save lease information in persistent storage.
When it was restarted, the lease information was lost. This behavior
resulted from removing the '--dhcp-script' option as part of fixing
BZ#1202392. As a result, instances were stuck in the network boot process
for a long period of time. In addition, NACK messages were noted in the
dnsmasq log. This update removes the authoritative option, so that NAKs are
not sent in response to DHCPREQUESTs to other servers. This change is
expected to prevent dnsmasq from NAKing clients renewing leases issued
before it was restarted/rescheduled. DHCPNAK messages should no longer be
found in the log files. (BZ#1227635)
* Conflict tags were included in the python-neutron package spec that
resulted in Neutron unnecessarily blocking the python-oslo-db package.
These conflicts have been removed from the spec, so the python-oslo-db
package can be successfully installed. (BZ#1250056)
All openstack-neutron users are advised to upgrade to these updated
packages, which contain backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated openstack-neutron packages that fix one security issue are now\navailable for Red Hat Enterprise Linux OpenStack Platform 6.0\n\nRed Hat Product Security has rated this update as having a Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenStack Networking (Neutron) is a pluggable, scalable, and API-driven\nsystem that provisions networking services to virtual machines. Its main\nfunction is to manage connectivity to and from virtual machines.\n\nA Denial of Service flaw was found in the L2 agent when using the IPTables\nfirewall driver. By submitting an address pair that will be rejected as\ninvalid by the ipset tool, an attacker may cause the agent to crash.\n(CVE-2015-3221)\n\nRed Hat would like to thank the OpenStack upstream for reporting this\nissue. Upstream acknowledges Darragh O\u0027Reilly (HP) as the original reporter.\n\nAdditionally, the packages address the following issues:\n* Neutron failed to load multiple configuration files. The Puppet recipe\nhard-coded the --config-file parameter to a set list of configuration files\nand additional files were not loaded, even if specified. This fix creates a\nnew Neutron configuration directory, /etc/neutron/conf.d, and any .conf\nfiles in that directory are loaded by Puppet and applied to all services.\n(BZ#1188480)\n\n* When configuring load balancer as a service, the Neutron configuration\nused no group as the default system user group. This group does not exist\nin the default Red Hat Enterprise Linux 7 configuration, which caused the\nvirtual IP address creation to fail with the error \"cannot find group id\nfor \u0027nogroup\u0027.\" (BZ#1208002)\n\n* Log rotation was set to one week for Neutron, but that could allow the\nlog file to grow to be very large before rotating. The default log rotation\npolicy has been updated to include a size limit of 10MB as well as a time\nlimit to rotate daily. (BZ#1212442)\n\n* Previously, dnsmasq did not save lease information in persistent storage.\nWhen it was restarted, the lease information was lost. This behavior\nresulted from removing the \u0027--dhcp-script\u0027 option as part of fixing\nBZ#1202392. As a result, instances were stuck in the network boot process\nfor a long period of time. In addition, NACK messages were noted in the\ndnsmasq log. This update removes the authoritative option, so that NAKs are\nnot sent in response to DHCPREQUESTs to other servers. This change is\nexpected to prevent dnsmasq from NAKing clients renewing leases issued\nbefore it was restarted/rescheduled. DHCPNAK messages should no longer be\nfound in the log files. (BZ#1227635)\n\n* Conflict tags were included in the python-neutron package spec that\nresulted in Neutron unnecessarily blocking the python-oslo-db package.\nThese conflicts have been removed from the spec, so the python-oslo-db\npackage can be successfully installed. (BZ#1250056)\n\nAll openstack-neutron users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:1680",
"url": "https://access.redhat.com/errata/RHSA-2015:1680"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1208002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208002"
},
{
"category": "external",
"summary": "1227635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227635"
},
{
"category": "external",
"summary": "1232284",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1232284"
},
{
"category": "external",
"summary": "1250056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1250056"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1680.json"
}
],
"title": "Red Hat Security Advisory: openstack-neutron security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T09:20:52+00:00",
"generator": {
"date": "2024-11-22T09:20:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2015:1680",
"initial_release_date": "2015-08-24T20:12:31+00:00",
"revision_history": [
{
"date": "2015-08-24T20:12:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-08-24T20:12:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T09:20:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product": {
"name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-neutron-metaplugin-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-metaplugin-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-metaplugin-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-metaplugin@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-oneconvergence-nvsd-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-oneconvergence-nvsd-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-oneconvergence-nvsd-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-oneconvergence-nvsd@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-embrane-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-embrane-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-embrane-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-embrane@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-nec-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-nec-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-nec-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-nec@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-ofagent-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-ofagent-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-ofagent-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-ofagent@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-vpn-agent-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-vpn-agent-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-vpn-agent-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-vpn-agent@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-vmware-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-vmware-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-vmware-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-vmware@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-neutron-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "python-neutron-0:2014.2.3-9.el7ost.noarch",
"product_id": "python-neutron-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-neutron@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-hyperv-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-hyperv-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-hyperv-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-hyperv@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-sriov-nic-agent-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-sriov-nic-agent-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-sriov-nic-agent-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-sriov-nic-agent@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-brocade-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-brocade-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-brocade-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-brocade@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-linuxbridge-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-linuxbridge-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-linuxbridge-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-linuxbridge@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-bigswitch-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-bigswitch-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-bigswitch-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-bigswitch@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-plumgrid-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-plumgrid-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-plumgrid-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-plumgrid@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-ryu-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-ryu-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-ryu-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-ryu@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-opencontrail-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-opencontrail-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-opencontrail-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-opencontrail@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-openvswitch-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-openvswitch-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-openvswitch-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-openvswitch@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-metering-agent-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-metering-agent-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-metering-agent-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-metering-agent@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-common-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-common-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-common-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-common@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-nuage-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-nuage-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-nuage-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-nuage@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-ml2-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-ml2-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-ml2-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-ml2@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-mellanox-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-mellanox-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-mellanox-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-mellanox@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-midonet-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-midonet-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-midonet-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-midonet@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-ibm-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-ibm-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-ibm-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-ibm@2014.2.3-9.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-neutron-cisco-0:2014.2.3-9.el7ost.noarch",
"product": {
"name": "openstack-neutron-cisco-0:2014.2.3-9.el7ost.noarch",
"product_id": "openstack-neutron-cisco-0:2014.2.3-9.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron-cisco@2014.2.3-9.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-neutron-0:2014.2.3-9.el7ost.src",
"product": {
"name": "openstack-neutron-0:2014.2.3-9.el7ost.src",
"product_id": "openstack-neutron-0:2014.2.3-9.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-neutron@2014.2.3-9.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-0:2014.2.3-9.el7ost.src as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-0:2014.2.3-9.el7ost.src"
},
"product_reference": "openstack-neutron-0:2014.2.3-9.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-bigswitch-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-bigswitch-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-bigswitch-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-brocade-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-brocade-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-brocade-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-cisco-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-cisco-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-cisco-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-common-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-common-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-common-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-embrane-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-embrane-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-embrane-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-hyperv-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-hyperv-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-hyperv-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ibm-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-ibm-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-ibm-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-linuxbridge-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-linuxbridge-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-linuxbridge-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-mellanox-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-mellanox-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-mellanox-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metaplugin-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-metaplugin-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-metaplugin-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metering-agent-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-metering-agent-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-metering-agent-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-midonet-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-midonet-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-midonet-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ml2-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-ml2-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-ml2-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-nec-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-nec-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-nec-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-nuage-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-nuage-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-nuage-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ofagent-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-ofagent-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-ofagent-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-oneconvergence-nvsd-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-oneconvergence-nvsd-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-oneconvergence-nvsd-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-opencontrail-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-opencontrail-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-opencontrail-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-openvswitch-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-openvswitch-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-openvswitch-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-plumgrid-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-plumgrid-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-plumgrid-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ryu-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-ryu-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-ryu-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-sriov-nic-agent-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-sriov-nic-agent-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-sriov-nic-agent-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-vmware-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-vmware-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-vmware-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-vpn-agent-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openstack-neutron-vpn-agent-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "openstack-neutron-vpn-agent-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-neutron-0:2014.2.3-9.el7ost.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:python-neutron-0:2014.2.3-9.el7ost.noarch"
},
"product_reference": "python-neutron-0:2014.2.3-9.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"OpenStack upstream"
]
},
{
"names": [
"Darragh O\u0027Reilly"
],
"organization": "HP",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-3221",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2015-06-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1232284"
}
],
"notes": [
{
"category": "description",
"text": "A Denial-of-Service flaw was found in the OpenStack Networking (neutron) L2 agent when using the iptables firewall driver. By submitting an address pair that is rejected as invalid by the ipset tool (with zero prefix size), an authenticated attacker can cause the L2 agent to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openstack-neutron: L2 agent DoS through incorrect allowed address pairs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-6.0:openstack-neutron-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-0:2014.2.3-9.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-neutron-bigswitch-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-brocade-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-cisco-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-common-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-embrane-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-hyperv-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ibm-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-linuxbridge-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-mellanox-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-metaplugin-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-metering-agent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-midonet-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ml2-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-nec-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-nuage-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ofagent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-oneconvergence-nvsd-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-opencontrail-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-openvswitch-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-plumgrid-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ryu-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-sriov-nic-agent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-vmware-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-vpn-agent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-neutron-0:2014.2.3-9.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3221"
},
{
"category": "external",
"summary": "RHBZ#1232284",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1232284"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3221",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3221"
}
],
"release_date": "2015-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-08-24T20:12:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-6.0:openstack-neutron-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-0:2014.2.3-9.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-neutron-bigswitch-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-brocade-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-cisco-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-common-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-embrane-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-hyperv-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ibm-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-linuxbridge-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-mellanox-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-metaplugin-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-metering-agent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-midonet-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ml2-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-nec-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-nuage-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ofagent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-oneconvergence-nvsd-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-opencontrail-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-openvswitch-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-plumgrid-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ryu-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-sriov-nic-agent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-vmware-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-vpn-agent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-neutron-0:2014.2.3-9.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:1680"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-6.0:openstack-neutron-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-0:2014.2.3-9.el7ost.src",
"7Server-RH7-RHOS-6.0:openstack-neutron-bigswitch-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-brocade-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-cisco-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-common-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-embrane-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-hyperv-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ibm-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-linuxbridge-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-mellanox-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-metaplugin-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-metering-agent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-midonet-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ml2-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-nec-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-nuage-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ofagent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-oneconvergence-nvsd-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-opencontrail-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-openvswitch-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-plumgrid-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-ryu-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-sriov-nic-agent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-vmware-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:openstack-neutron-vpn-agent-0:2014.2.3-9.el7ost.noarch",
"7Server-RH7-RHOS-6.0:python-neutron-0:2014.2.3-9.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openstack-neutron: L2 agent DoS through incorrect allowed address pairs"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…