1
Candidate: CVE-2015-3221
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3221
5
http://www.openwall.com/lists/oss-security/2015/06/23/3
7
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1
8
(kilo), when using the IPTables firewall driver, allows remote
9
authenticated users to cause a denial of service (L2 agent crash) by adding
10
an address pair that is rejected by the ipset tool.
13
tyhicks> DoS possible by an authenticated user
14
mdeslaur> ipset code introduced in juno
16
https://bugs.launchpad.net/neutron/+bug/1461054/comments/18
17
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789713
19
Discovered-by: Darragh O'Reilly
23
upstream: https://review.openstack.org/194696 (juno)
24
upstream: https://review.openstack.org/194697 (kilo)
25
upstream: https://review.openstack.org/194695 (liberty)
26
upstream_neutron: released (2015.1.0+2015.06.24.git61.bdf194a0e1-1)
28
trusty_neutron: not-affected (code not present)
29
utopic_neutron: ignored (reached end-of-life)
30
vivid_neutron: not-affected (1:2015.1.1-0ubuntu2)
31
devel_neutron: not-affected (2:7.0.0~b2-0ubuntu2)