Bugzilla – Bug 874757
VUL-0: CVE-2014-0187: openstack-neutron: security groups bypass through invalid CIDR
Last modified: 2015-02-19 01:49:16 UTC
Via rh#1090132:

OpenStack Security Advisory: 2014-014
CVE: CVE-2014-0187
Date: April 22, 2014
Title: Neutron security groups bypass through invalid CIDR
Reporters: Stephen Ma (HP) and Christoph Thiel (Deutsche Telekom)
Products: Neutron
Versions: 2013.1 to 2013.2.3, and 2014.1

Description:
Stephen Ma from Hewlett Packard and Christoph Thiel from Deutsche Telekom reported a vulnerability in Neutron security groups. By creating a security group rule with an invalid CIDR, an authenticated user may break the openvswitch-agent process, preventing further rules from being applied on the host. Note: removal of the faulty rule is not enough, the openvswitch-agent must be restarted. All Neutron setups using Open vSwitch are affected.

Juno (development branch) fix: https://review.openstack.org/59212
Icehouse fix: https://review.openstack.org/88674
Havana fix: https://review.openstack.org/88057

Notes:
This fix will be included in the juno-1 development milestone and in future 2013.2.4 and 2014.1.1 releases.

References:
https://launchpad.net/bugs/1300785
https://bugzilla.redhat.com/show_bug.cgi?id=1090132
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0187
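As an added illustration (not code from Neutron, from the linked reviews, or from this bug's fix), the API-side check that closes this class of problem: parse and normalize remote_ip_prefix when the rule is created, so a malformed CIDR is rejected at the API instead of reaching the agent and wedging it. The rule dictionary shape, the ethertype values and the sample rules are assumptions constructed for the example.

```python
import ipaddress

# Constructed sample rules; the dict shape is assumed for illustration,
# not Neutron's real API schema.
SAMPLE_RULES = [
    {"ethertype": "IPv4", "direction": "ingress", "remote_ip_prefix": "10.0.0.1/24"},
    {"ethertype": "IPv4", "direction": "ingress", "remote_ip_prefix": "10.0.0.0/33"},
    {"ethertype": "IPv6", "direction": "ingress", "remote_ip_prefix": "2001:db8::/32"},
    {"ethertype": "IPv4", "direction": "egress", "remote_ip_prefix": "2001:db8::/32"},
    {"ethertype": "IPv4", "direction": "egress", "remote_ip_prefix": None},
]


def validate_remote_ip_prefix(prefix, ethertype):
    """Parse a rule CIDR at API time; return the normalized network string.

    Raises ValueError for anything the agent could later fail to parse:
    a bad prefix length, non-address text, or an address family that does
    not match the rule's ethertype.
    """
    try:
        # strict=False accepts host bits set (10.0.0.1/24) and clears them;
        # a mask such as /33 or arbitrary text still raises ValueError.
        net = ipaddress.ip_network(prefix, strict=False)
    except ValueError as exc:
        raise ValueError(f"invalid remote_ip_prefix {prefix!r}: {exc}") from exc
    expected = 4 if ethertype == "IPv4" else 6
    if net.version != expected:
        raise ValueError(f"{prefix!r} is IPv{net.version}, rule ethertype is {ethertype}")
    return str(net)


def admit_rule(rule):
    """Return a copy of the rule with a normalized prefix, or raise ValueError."""
    if rule.get("ethertype") not in ("IPv4", "IPv6"):
        raise ValueError(f"unknown ethertype {rule.get('ethertype')!r}")
    admitted = dict(rule)
    if rule.get("remote_ip_prefix") is not None:
        admitted["remote_ip_prefix"] = validate_remote_ip_prefix(
            rule["remote_ip_prefix"], rule["ethertype"])
    return admitted


def admit_rules(rules):
    """Partition a batch into (accepted, rejected): one bad rule never blocks the rest."""
    accepted, rejected = [], []
    for rule in rules:
        try:
            accepted.append(admit_rule(rule))
        except ValueError as exc:
            rejected.append((rule, str(exc)))
    return accepted, rejected
```

Running admit_rules(SAMPLE_RULES) accepts the three well-formed rules (with 10.0.0.1/24 normalized to 10.0.0.0/24) and rejects the /33 mask and the IPv6 prefix on an IPv4 rule with a reason string.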
bugbot adjusting priority
sr#37836 has the package with the fix
The SWAMPID for this issue is 57386. This issue was rated as moderate. Please submit fixed packages until 2014-05-28. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
how can our QA test this?
(In reply to comment #5)
> how can our QA test this?

https://bugzilla.redhat.com/show_bug.cgi?id=1090132#c3 provides the info about how to see the bug (and therefore how to see that the fix is working).
Update released for: openstack-neutron, openstack-neutron-dhcp-agent, openstack-neutron-doc, openstack-neutron-ha-tool, openstack-neutron-hyperv-agent, openstack-neutron-l3-agent, openstack-neutron-lbaas-agent, openstack-neutron-linuxbridge-agent, openstack-neutron-metadata-agent, openstack-neutron-metering-agent, openstack-neutron-mlnx-agent, openstack-neutron-nec-agent, openstack-neutron-openvswitch-agent, openstack-neutron-plugin-cisco, openstack-neutron-ryu-agent, openstack-neutron-server, openstack-neutron-test, openstack-neutron-vmware-agent, openstack-neutron-vpn-agent, python-neutron
Products:
SUSE-CLOUD 3.0 (x86_64)
SUSE-SU-2014:0754-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 874757
CVE References: CVE-2014-0187
Sources used:
SUSE Cloud 3 (src): openstack-neutron-2013.2.4.dev54.gc78491e-0.7.1, openstack-neutron-doc-2013.2.4.dev54.gc78491e-0.7.1
submitted https://build.opensuse.org/request/show/239770 13.1 / openstack-neutron
openSUSE-SU-2014:1051-1: An update that contains security fixes can now be installed.

Category: security (moderate)
Bug References: 874757
CVE References:
Sources used:
openSUSE 13.1 (src): openstack-neutron-2013.2.4.dev86.gb4b09a6-4.1, openstack-neutron-doc-2013.2.4.dev86.gb4b09a6-4.1, python-eventlet-0.14.0-2.4.1, python-greenlet-0.4.2-3.4.1, python-iso8601-0.1.10-6.4.1, python-neutronclient-2.3.4-6.1, python-py-1.4.22-2.4.1, python-pytest-2.6.0-2.4.1