Download
| Alert*
oval:org.secpod.oval:def:1901828
An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those securit ... oval:org.secpod.oval:def:702178 neutron-common is installed oval:org.secpod.oval:def:702173 neutron: OpenStack Virtual Network Service OpenStack Neutron could be made to expose sensitive information or crash. oval:org.secpod.oval:def:52281 neutron: OpenStack Virtual Network Service OpenStack Neutron could be made to expose sensitive information or crash. oval:org.secpod.oval:def:708134 neutron: OpenStack Virtual Network Service Several security issues were fixed in OpenStack Neutron. oval:org.secpod.oval:def:89903 neutron: OpenStack Virtual Network Service Several security issues were fixed in OpenStack Neutron. oval:org.secpod.oval:def:1900152 Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance"s port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to ... oval:org.secpod.oval:def:2000272 Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance"s port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to ... oval:org.secpod.oval:def:1902036 An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn"t support that option , an authenticated user may block ... oval:org.secpod.oval:def:603827 Erik Olof Gunnar Andersson discovered that incorrect validation of port settings in the iptables security group driver of Neutron, the OpenStack virtual network service, could result in denial of service in a multi tenant setup. |