CVE-2015-3221

Priority
Description
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1
(kilo), when using the IPTables firewall driver, allows remote
authenticated users to cause a denial of service (L2 agent crash) by adding
an address pair that is rejected by the ipset tool.
Notes
tyhicksDoS possible by an authenticated user
mdeslauripset code introduced in juno
Package
Upstream:released (2015.1.0+2015.06.24.git61.bdf194a0e1-1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [code not present])
Patches:
Upstream:https://review.openstack.org/194696 (juno)
Upstream:https://review.openstack.org/194697 (kilo)
Upstream:https://review.openstack.org/194695 (liberty)
More Information

Updated: 2020-09-10 04:42:03 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)