Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 08 Jan 2015 12:53:59 -0500
From: Tristan Cacqueray <>
Subject: [OSSA 2015-001] L3 agent denial of service with radvd 2.0+ (CVE-2014-8153)

OSSA-2015-001: L3 agent denial of service with radvd 2.0+

:Date: January 08, 2015
:CVE: CVE-2014-8153

- Neutron: 2014.2 version up to 2014.2.1

Ihar Hrachyshka from Red Hat reported a vulnerability in Neutron. By
creating 8 routers and assigning each of them a non-provider ipv6
subnet, a malicious user may block router update processing for all
tenants, potentially resulting in a Denial of Service. Only Neutron
setups running with radvd 2.0+ are affected.

- (Juno)
- (Kilo)

- Ihar Hrachyshka from Red Hat (CVE-2014-8153)


- This fix will be included in a future 2014.2.2 release.
- The OSSA announce format for the 2015 advisories has been changed to

Tristan Cacqueray
OpenStack Vulnerability Management Team

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ