Bugzilla – Bug 949070
VUL-0: CVE-2015-7713: openstack-nova: network security group changes are not applied to running instances
Last modified: 2018-10-19 18:39:19 UTC
Nova network security group changes are not applied to running instances Reporter: Sreekumar S and Suntao Products: Nova Affects: <=2014.2.3, >=2015.1.0, <=2015.1.1 Description: Sreekumar S and Suntao independently reported a vulnerability in Nova network. Security group changes silently fail to be applied to already running instances, potentially resulting in instances not being protected by the security group. All Nova network setups are affected. References: https://launchpad.net/bugs/1491307 https://launchpad.net/bugs/1484738 http://seclists.org/oss-sec/2015/q4/41 https://bugzilla.redhat.com/show_bug.cgi?id=1269119 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7713 http://seclists.org/oss-sec/2015/q4/41
bugbot adjusting priority
Patches ~~~~~~~ - https://review.openstack.org/222026 (Juno) - https://review.openstack.org/222023 (Kilo) - https://review.openstack.org/222022 (Liberty)
Submitted in mr#74069.
SUSE-SU-2015:2219-1: An update that solves three vulnerabilities and has four fixes is now available. Category: security (moderate) Bug References: 927625,935017,942457,944178,945923,949070,949529 CVE References: CVE-2015-3241,CVE-2015-3280,CVE-2015-7713 Sources used: SUSE OpenStack Cloud 5 (src): openstack-nova-2014.2.4~a0~dev80-20.1, openstack-nova-doc-2014.2.4~a0~dev80-20.1
SUSE-SU-2015:2220-1: An update that solves 5 vulnerabilities and has 6 fixes is now available. Category: security (moderate) Bug References: 927625,935017,935263,939691,942457,943648,944178,945923,948704,949070,949529 CVE References: CVE-2015-3221,CVE-2015-3241,CVE-2015-3280,CVE-2015-5240,CVE-2015-7713 Sources used: SUSE OpenStack Cloud Compute 5 (src): openstack-neutron-2014.2.4~a0~dev103-10.3, openstack-nova-2014.2.4~a0~dev80-14.1, python-python-memcached-1.54-2.1
released