Security Bulletin
Summary
By creating an IPv6 private subnet attached to a L3 router, an authenticated user may break the L3-agent, preventing further floating IPv4 addresses from being attached for the entire cloud.
Vulnerability Details
CVE ID: CVE-2014-4167
Description: The OpenStack Neutron L3-agent is vulnerable to a denial of service attack. A malicious user may break the L3-agent, preventing further floating IPv4 addresses from being attached for the entire cloud. Only Neutron setups using IPv6 and L3-agent are affected.
CVSS Base Score: 4.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/93854 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Affected Products and Versions
Cloud Manager with OpenStack 4.1.0
Remediation/Fixes
|
Product | VRMF | APAR | Remediation/First Fix | Required Action |
| Cloud Manager with OpenStack | 4.1.0 | None | Cloud Manager with OpenStack 4.1.0.3 Fix Pack: http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Cloud+Manager+with+Openstack&release=4.1.0.2&platform=All&function=fixId&fixids=+4.1.0.3-IBM-CMWO-FP03+&includeSupersedes=0 | Cloud Manager with OpenStack 4.1.0.3 Fix Pack: http://www-01.ibm.com/support/docview.wss?rs=0&uid=isg400001884 |
Workarounds and Mitigations
Only IBM Cloud Manager with Openstack configurations using Neutron for networking and using IPv6 and the L3-agent are affected.
Get Notified about Future Security Bulletins
References
Change History
24 October 2014: Revised for clarity
23 September 2014: Original version published
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Was this topic helpful?
Document Information
Modified date:
07 August 2018
UID
isg3T1021230