oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request for vulnerability in OpenStack Neutron

From: cve-assign () mitre org
Date: Fri, 10 Jun 2016 12:43:27 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


Title: Neutron IPTables firewall anti-spoof protection bypass



independently reported vulnerabilities in Neutron
anti-spoof protection. By forging DHCP discovery messages or non-IP
traffic, such as ARP or ICMPv6, an instance may spoof IP or MAC source
addresses on attached networks resulting in denial of services and/or
traffic interception. Moreover when L2population isn't used, other
tenants attached to a shared network are also vulnerable. Neutron
setups using the IPTables firewall driver are affected.



The dhcp fix has been included in the 8.0.0 release and this
request probably needs more than one CVE.



https://bugs.launchpad.net/neutron/+bug/1502933/comments/21



Just to be clear, the ICMPv6 source address spoof isn't addressed by
bug 1558658 patch (I39dc0e23fc118ede19ef2d986b29fc5a8e48ff78).



Since both issues abuse the same fundamental flaw, it seems like a
good opportunity to bundle both fix in a single advisory.



However, because we need different patch, this will likely requires 2
different CVE numbers...



https://bugs.launchpad.net/bugs/1558658 (DHCP spoofing because the rule had only
                                         -p udp -m udp --sport 68 --dport 67)


Use CVE-2016-5362.



https://bugs.launchpad.net/bugs/1558658 (MAC source address spoofing)


Use CVE-2016-5363.



https://bugs.launchpad.net/bugs/1502933 (ICMPv6 source address spoofing)


Use CVE-2015-8914.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXWuzyAAoJEHb/MwWLVhi2bBAQAKsmBq6+BILn7sflHZr1biSs
1bGOleiu+F947NAp5zzqjv9riowFneB7fCTPJ3uSXueCSNEyGFDIVPR80M7MWKdv
vtTUnLT8GLl9P2ZkvdYLaIW12UQq2OQF5nA0kuz8piVJx5Mx6M9rMypw83cKlIfw
iovaJMZuI6ZSsYmdm8RJiEyhRO+fyTXSYi/i7/6UqGUnZuBU4//KvkTqE3ZHWw6K
4HRaFIDVFljIHJpLgdIyLDBoMymxf7yYSvMVAX7f74drOLkQd+LyMYnLzR6dLCtc
sFR31f3f1v+lFSYTXdklEF/toSu6pNHauffcmxAWLpn3vOLJbzKpZZ2I23uDPQSZ
cOJ0ygs+ZbIXABaRsfBiU6bk0uiXvGqyifcFZnoayWPpCyN65qrdJlgMYBjhprVa
g1TEnJ7I+H/6FVTbvpdHo+m0YVS2oF3/Wy2B2FrpdCC43aTPYCzEWNmlQfl8MY39
aGdLugde8eOhWOJQugnqe94CxbAdcR2H/BTh28XaABhLdDwrnU6XSWY56pzcu1ys
ctYo8aPPsgHr9SC6c7noBfO3RMQGqkLOFakjjPGUmMHQ3Fz/Rz3pljVFZYwaQ8aS
BPvpQ2DtsHo9VSDt/t6srftFNWC2B91lbOj68aKm32rXq4rDuuNtS3pbmFpphjgv
WUQ3XjzlzzoHO3TR4PHY
=5QDQ
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: