Add OSSA-2019-002 (CVE-2019-10876)
Depends-On: https://review.openstack.org/#/c/650930/ Change-Id: I17b766efdbd63cfc6cdfc03a94f60911dd7acc9d
This commit is contained in:
parent
625eac77ff
commit
64232d9f1a
|
@ -0,0 +1,44 @@
|
|||
date: 2019-04-08
|
||||
|
||||
id: OSSA-2019-002
|
||||
|
||||
title: Overlapping security group rules prevents compute node network configuration
|
||||
|
||||
description: >
|
||||
Diko Parvanov (Canonical) reported a vulnerability in
|
||||
neutron-openvswitch-agent security group rules. By creating
|
||||
two security groups with separate/overlapping port ranges, an
|
||||
authenticated user may prevent neutron from being able to configure
|
||||
networks on any compute nodes where those security groups are
|
||||
present. All neutron deployments utilizing
|
||||
neutron-openvswitch-agent are affected.
|
||||
|
||||
|
||||
affected-products:
|
||||
- product: neutron
|
||||
version: '>=11.0.0 <11.0.7, >=12.0.0 <12.0.6, >=13.0.0 <13.0.3'
|
||||
|
||||
vulnerabilities:
|
||||
- cve-id: CVE-2019-10876
|
||||
|
||||
reporters:
|
||||
- name: Diko Parvanov
|
||||
affiliation: Canonical
|
||||
reported:
|
||||
- CVE-2019-10876
|
||||
|
||||
issues:
|
||||
links:
|
||||
- https://launchpad.net/bugs/1813007
|
||||
|
||||
reviews:
|
||||
pike:
|
||||
- https://review.openstack.org/648102
|
||||
queens:
|
||||
- https://review.openstack.org/648004
|
||||
rocky:
|
||||
- https://review.openstack.org/648003
|
||||
stein:
|
||||
- https://review.openstack.org/648002
|
||||
train:
|
||||
- https://review.openstack.org/640252
|
Loading…
Reference in New Issue