csaf_suse - suse-su-2015:2220-1

suse-su-2015:2220-1

Vulnerability from csaf_suse

Published

2015-12-07 14:44

Modified

2015-12-07 14:44

Summary

Security update for openstack-nova and openstack-neutron

Notes

Title of the patch

Security update for openstack-nova and openstack-neutron

Description of the patch

This update for openstack-nova and openstack-neutron provides various fixes and improvements. openstack-nova: - Fix instance filtering. (bsc#927625) - Remove error messages from multipath command output before parsing. (bsc#949529) - Fix live-migration usage of the wrong connector information. - Added requirement for memcached to python-nova. (bsc#942457) - Don't expect meta attributes in object_compat that aren't in the db obj. (bsc#949070, CVE-2015-7713) - Kill rsync/scp processes before deleting instance. (bsc#935017, CVE-2015-3241) - Sync process utils from oslo for execute callbacks. (bsc#935017, CVE-2015-3241) - Fix rebuild of an instance with a volume attached. - Fixes _cleanup_rbd code to capture ImageBusy exception. - Don't try to confine a non-NUMA instance. - Include blank volumes in the block device mapping (bsc#945923) - Delete orphaned instance files from compute nodes (bsc#944178, CVE-2015-3280) openstack-neutron: - Fix usage_audit to work with ML2. - Fix UDP offloading issue with virtio VMs. (bsc#948704) - Fix ipset can't be destroyed when last rule is deleted. - Add ARP spoofing protection for LinuxBridge agent. - Don't use ARP responder for IPv6 addresses in ovs. - Stop device_owner from being set to 'network:*'. (bsc#943648, CVE-2015-5240) - NSX-mh: use router_distributed flag. - NSX-mh: Failover controller connections on socket failures. - NSX-mh: Prevent failures on router delete.

Patchnames

SUSE-SLE12-CLOUD-5-2015-953

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for openstack-nova and openstack-neutron",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for openstack-nova and openstack-neutron provides various fixes and improvements.\n\nopenstack-nova:\n\n- Fix instance filtering. (bsc#927625)\n- Remove error messages from multipath command output before parsing. (bsc#949529)\n- Fix live-migration usage of the wrong connector information.\n- Added requirement for memcached to python-nova. (bsc#942457)\n- Don\u0027t expect meta attributes in object_compat that aren\u0027t in the db obj. (bsc#949070, CVE-2015-7713)\n- Kill rsync/scp processes before deleting instance. (bsc#935017, CVE-2015-3241)\n- Sync process utils from oslo for execute callbacks. (bsc#935017, CVE-2015-3241)\n- Fix rebuild of an instance with a volume attached.\n- Fixes _cleanup_rbd code to capture ImageBusy exception.\n- Don\u0027t try to confine a non-NUMA instance.\n- Include blank volumes in the block device mapping (bsc#945923)\n- Delete orphaned instance files from compute nodes (bsc#944178, CVE-2015-3280)\n\nopenstack-neutron:\n\n- Fix usage_audit to work with ML2.\n- Fix UDP offloading issue with virtio VMs. (bsc#948704)\n- Fix ipset can\u0027t be destroyed when last rule is deleted.\n- Add ARP spoofing protection for LinuxBridge agent.\n- Don\u0027t use ARP responder for IPv6 addresses in ovs.\n- Stop device_owner from being set to \u0027network:*\u0027. (bsc#943648, CVE-2015-5240)\n- NSX-mh: use router_distributed flag.\n- NSX-mh: Failover controller connections on socket failures.\n- NSX-mh: Prevent failures on router delete.\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE12-CLOUD-5-2015-953",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_2220-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2015:2220-1",
        "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20152220-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2015:2220-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2015-December/001724.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 927625",
        "url": "https://bugzilla.suse.com/927625"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 935017",
        "url": "https://bugzilla.suse.com/935017"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 935263",
        "url": "https://bugzilla.suse.com/935263"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 939691",
        "url": "https://bugzilla.suse.com/939691"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 942457",
        "url": "https://bugzilla.suse.com/942457"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 943648",
        "url": "https://bugzilla.suse.com/943648"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 944178",
        "url": "https://bugzilla.suse.com/944178"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 945923",
        "url": "https://bugzilla.suse.com/945923"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 948704",
        "url": "https://bugzilla.suse.com/948704"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 949070",
        "url": "https://bugzilla.suse.com/949070"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 949529",
        "url": "https://bugzilla.suse.com/949529"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-3221 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-3221/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-3241 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-3241/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-3280 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-3280/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-5240 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-5240/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-7713 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-7713/"
      }
    ],
    "title": "Security update for openstack-nova and openstack-neutron",
    "tracking": {
      "current_release_date": "2015-12-07T14:44:50Z",
      "generator": {
        "date": "2015-12-07T14:44:50Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2015:2220-1",
      "initial_release_date": "2015-12-07T14:44:50Z",
      "revision_history": [
        {
          "date": "2015-12-07T14:44:50Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "openstack-neutron-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
                "product": {
                  "name": "openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
                  "product_id": "openstack-nova-2014.2.4~a0~dev80-14.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
                "product": {
                  "name": "openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
                  "product_id": "openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python-neutron-2014.2.4~a0~dev103-10.3.noarch",
                "product": {
                  "name": "python-neutron-2014.2.4~a0~dev103-10.3.noarch",
                  "product_id": "python-neutron-2014.2.4~a0~dev103-10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python-nova-2014.2.4~a0~dev80-14.1.noarch",
                "product": {
                  "name": "python-nova-2014.2.4~a0~dev80-14.1.noarch",
                  "product_id": "python-nova-2014.2.4~a0~dev80-14.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python-python-memcached-1.54-2.1.noarch",
                "product": {
                  "name": "python-python-memcached-1.54-2.1.noarch",
                  "product_id": "python-python-memcached-1.54-2.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
                "product": {
                  "name": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
                  "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-sle12-cloud-compute:5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-neutron-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-nova-2014.2.4~a0~dev80-14.1.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch"
        },
        "product_reference": "openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch"
        },
        "product_reference": "openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-neutron-2014.2.4~a0~dev103-10.3.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch"
        },
        "product_reference": "python-neutron-2014.2.4~a0~dev103-10.3.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-nova-2014.2.4~a0~dev80-14.1.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch"
        },
        "product_reference": "python-nova-2014.2.4~a0~dev80-14.1.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-python-memcached-1.54-2.1.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
          "product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
        },
        "product_reference": "python-python-memcached-1.54-2.1.noarch",
        "relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-3221",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-3221"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-3221",
          "url": "https://www.suse.com/security/cve/CVE-2015-3221"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935263 for CVE-2015-3221",
          "url": "https://bugzilla.suse.com/935263"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2015-12-07T14:44:50Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-3221"
    },
    {
      "cve": "CVE-2015-3241",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-3241"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-3241",
          "url": "https://www.suse.com/security/cve/CVE-2015-3241"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 935017 for CVE-2015-3241",
          "url": "https://bugzilla.suse.com/935017"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2015-12-07T14:44:50Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-3241"
    },
    {
      "cve": "CVE-2015-3280",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-3280"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-3280",
          "url": "https://www.suse.com/security/cve/CVE-2015-3280"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1000443 for CVE-2015-3280",
          "url": "https://bugzilla.suse.com/1000443"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 944178 for CVE-2015-3280",
          "url": "https://bugzilla.suse.com/944178"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2015-12-07T14:44:50Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-3280"
    },
    {
      "cve": "CVE-2015-5240",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-5240"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-5240",
          "url": "https://www.suse.com/security/cve/CVE-2015-5240"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 943648 for CVE-2015-5240",
          "url": "https://bugzilla.suse.com/943648"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2015-12-07T14:44:50Z",
          "details": "low"
        }
      ],
      "title": "CVE-2015-5240"
    },
    {
      "cve": "CVE-2015-7713",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-7713"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
          "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-7713",
          "url": "https://www.suse.com/security/cve/CVE-2015-7713"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 949070 for CVE-2015-7713",
          "url": "https://bugzilla.suse.com/949070"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-dhcp-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-ha-tool-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-l3-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-lbaas-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-linuxbridge-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metadata-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-metering-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-openvswitch-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-neutron-vpn-agent-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:openstack-nova-compute-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-neutron-2014.2.4~a0~dev103-10.3.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-nova-2014.2.4~a0~dev80-14.1.noarch",
            "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-python-memcached-1.54-2.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2015-12-07T14:44:50Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-7713"
    }
  ]
}

CVE-2015-3241 (GCVE-0-2015-3241)

Vulnerability from cvelistv5

Published

2015-09-08 15:00

Modified

2024-08-06 05:39

Severity ?

CWE

Summary

OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.

References

►

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2015-1723.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/75372	vdb-entry, x_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2015-1898.html	vendor-advisory, x_refsource_REDHAT
	https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml	x_refsource_CONFIRM
	https://security.openstack.org/ossa/OSSA-2015-015.html	x_refsource_CONFIRM
	https://launchpad.net/bugs/1387543	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:39:32.092Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:1723",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1723.html"
          },
          {
            "name": "75372",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75372"
          },
          {
            "name": "RHSA-2015:1898",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1898.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.openstack.org/ossa/OSSA-2015-015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://launchpad.net/bugs/1387543"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-08-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T15:57:02",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2015:1723",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1723.html"
        },
        {
          "name": "75372",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75372"
        },
        {
          "name": "RHSA-2015:1898",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1898.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.openstack.org/ossa/OSSA-2015-015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://launchpad.net/bugs/1387543"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-3241",
    "datePublished": "2015-09-08T15:00:00",
    "dateReserved": "2015-04-10T00:00:00",
    "dateUpdated": "2024-08-06T05:39:32.092Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-5240 (GCVE-0-2015-5240)

Vulnerability from cvelistv5

Published

2015-10-27 16:00

Modified

2024-08-06 06:41

Severity ?

CWE

Summary

Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied.

References

►

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2015-1909.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1258458	x_refsource_CONFIRM
	https://security.openstack.org/ossa/OSSA-2015-018.html	x_refsource_CONFIRM
	https://bugs.launchpad.net/neutron/+bug/1489111	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2015/09/08/9	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:41:08.869Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:1909",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1909.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258458"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.openstack.org/ossa/OSSA-2015-018.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/neutron/+bug/1489111"
          },
          {
            "name": "[oss-security] 20151008 [OSSA 2015-018] Neutron firewall rules bypass through port update (CVE-2015-5240)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/09/08/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-06-16T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2015:1909",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1909.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258458"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.openstack.org/ossa/OSSA-2015-018.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/neutron/+bug/1489111"
        },
        {
          "name": "[oss-security] 20151008 [OSSA 2015-018] Neutron firewall rules bypass through port update (CVE-2015-5240)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/09/08/9"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-5240",
    "datePublished": "2015-10-27T16:00:00",
    "dateReserved": "2015-07-01T00:00:00",
    "dateUpdated": "2024-08-06T06:41:08.869Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-7713 (GCVE-0-2015-7713)

Vulnerability from cvelistv5

Published

2015-10-29 20:00

Modified

2024-08-06 07:58

Severity ?

CWE

Summary

OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made.

References

►

URL

Tags

	http://www.securityfocus.com/bid/76960	vdb-entry, x_refsource_BID
	https://bugs.launchpad.net/nova/+bug/1491307	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2015:2673	vendor-advisory, x_refsource_REDHAT
	https://bugs.launchpad.net/nova/+bug/1492961	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2015-2684.html	vendor-advisory, x_refsource_REDHAT
	https://security.openstack.org/ossa/OSSA-2015-021.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:58:59.895Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "76960",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/76960"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/nova/+bug/1491307"
          },
          {
            "name": "RHSA-2015:2673",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2015:2673"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/nova/+bug/1492961"
          },
          {
            "name": "RHSA-2015:2684",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2684.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.openstack.org/ossa/OSSA-2015-021.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-10-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-05T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "76960",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/76960"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/nova/+bug/1491307"
        },
        {
          "name": "RHSA-2015:2673",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2015:2673"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/nova/+bug/1492961"
        },
        {
          "name": "RHSA-2015:2684",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-2684.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.openstack.org/ossa/OSSA-2015-021.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-7713",
    "datePublished": "2015-10-29T20:00:00",
    "dateReserved": "2015-10-06T00:00:00",
    "dateUpdated": "2024-08-06T07:58:59.895Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-3221 (GCVE-0-2015-3221)

Vulnerability from cvelistv5

Published

2015-08-26 19:00

Modified

2024-08-06 05:39

Severity ?

CWE

Summary

OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.

References

►

URL

Tags

	http://www.securityfocus.com/bid/75368	vdb-entry, x_refsource_BID
	http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html	mailing-list, x_refsource_MLIST
	https://bugs.launchpad.net/neutron/+bug/1461054	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2015-1680.html	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:39:32.047Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "75368",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75368"
          },
          {
            "name": "[openstack-announce] 20150623 [OSSA 2015-012] Neutron L2 agent DoS through incorrect allowed address pairs (CVE-2015-3221)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/neutron/+bug/1461054"
          },
          {
            "name": "RHSA-2015:1680",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1680.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T15:57:02",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "75368",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75368"
        },
        {
          "name": "[openstack-announce] 20150623 [OSSA 2015-012] Neutron L2 agent DoS through incorrect allowed address pairs (CVE-2015-3221)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.launchpad.net/neutron/+bug/1461054"
        },
        {
          "name": "RHSA-2015:1680",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1680.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-3221",
    "datePublished": "2015-08-26T19:00:00",
    "dateReserved": "2015-04-10T00:00:00",
    "dateUpdated": "2024-08-06T05:39:32.047Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-3280 (GCVE-0-2015-3280)

Vulnerability from cvelistv5

Published

2015-10-26 17:00

Modified

2024-08-06 05:39

Severity ?

CWE

Summary

OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state.

References

►

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2015-1898.html	vendor-advisory, x_refsource_REDHAT
	https://launchpad.net/bugs/1392527	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/76553	vdb-entry, x_refsource_BID
	https://security.openstack.org/ossa/OSSA-2015-017.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:39:32.083Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:1898",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1898.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://launchpad.net/bugs/1392527"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
          },
          {
            "name": "76553",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/76553"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.openstack.org/ossa/OSSA-2015-017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2015:1898",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1898.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://launchpad.net/bugs/1392527"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
        },
        {
          "name": "76553",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/76553"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.openstack.org/ossa/OSSA-2015-017.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-3280",
    "datePublished": "2015-10-26T17:00:00",
    "dateReserved": "2015-04-10T00:00:00",
    "dateUpdated": "2024-08-06T05:39:32.083Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2015:2220-1

Vulnerability from csaf_suse

CVE-2015-3241 (GCVE-0-2015-3241)

Vulnerability from cvelistv5

CVE-2015-5240 (GCVE-0-2015-5240)

Vulnerability from cvelistv5

CVE-2015-7713 (GCVE-0-2015-7713)

Vulnerability from cvelistv5

CVE-2015-3221 (GCVE-0-2015-3221)

Vulnerability from cvelistv5

CVE-2015-3280 (GCVE-0-2015-3280)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature