Date: Fri, 10 Jun 2016 12:43:27 -0400 (EDT) From: cve-assign@...re.org To: tdecacqu@...hat.com Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: CVE request for vulnerability in OpenStack Neutron -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > Title: Neutron IPTables firewall anti-spoof protection bypass > independently reported vulnerabilities in Neutron > anti-spoof protection. By forging DHCP discovery messages or non-IP > traffic, such as ARP or ICMPv6, an instance may spoof IP or MAC source > addresses on attached networks resulting in denial of services and/or > traffic interception. Moreover when L2population isn't used, other > tenants attached to a shared network are also vulnerable. Neutron > setups using the IPTables firewall driver are affected. > The dhcp fix has been included in the 8.0.0 release and this > request probably needs more than one CVE. >> https://bugs.launchpad.net/neutron/+bug/1502933/comments/21 >> Just to be clear, the ICMPv6 source address spoof isn't addressed by >> bug 1558658 patch (I39dc0e23fc118ede19ef2d986b29fc5a8e48ff78). >> Since both issues abuse the same fundamental flaw, it seems like a >> good opportunity to bundle both fix in a single advisory. >> However, because we need different patch, this will likely requires 2 >> different CVE numbers... > https://bugs.launchpad.net/bugs/1558658 (DHCP spoofing because the rule had only > -p udp -m udp --sport 68 --dport 67) Use CVE-2016-5362. > https://bugs.launchpad.net/bugs/1558658 (MAC source address spoofing) Use CVE-2016-5363. > https://bugs.launchpad.net/bugs/1502933 (ICMPv6 source address spoofing) Use CVE-2015-8914. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXWuzyAAoJEHb/MwWLVhi2bBAQAKsmBq6+BILn7sflHZr1biSs 1bGOleiu+F947NAp5zzqjv9riowFneB7fCTPJ3uSXueCSNEyGFDIVPR80M7MWKdv vtTUnLT8GLl9P2ZkvdYLaIW12UQq2OQF5nA0kuz8piVJx5Mx6M9rMypw83cKlIfw iovaJMZuI6ZSsYmdm8RJiEyhRO+fyTXSYi/i7/6UqGUnZuBU4//KvkTqE3ZHWw6K 4HRaFIDVFljIHJpLgdIyLDBoMymxf7yYSvMVAX7f74drOLkQd+LyMYnLzR6dLCtc sFR31f3f1v+lFSYTXdklEF/toSu6pNHauffcmxAWLpn3vOLJbzKpZZ2I23uDPQSZ cOJ0ygs+ZbIXABaRsfBiU6bk0uiXvGqyifcFZnoayWPpCyN65qrdJlgMYBjhprVa g1TEnJ7I+H/6FVTbvpdHo+m0YVS2oF3/Wy2B2FrpdCC43aTPYCzEWNmlQfl8MY39 aGdLugde8eOhWOJQugnqe94CxbAdcR2H/BTh28XaABhLdDwrnU6XSWY56pzcu1ys ctYo8aPPsgHr9SC6c7noBfO3RMQGqkLOFakjjPGUmMHQ3Fz/Rz3pljVFZYwaQ8aS BPvpQ2DtsHo9VSDt/t6srftFNWC2B91lbOj68aKm32rXq4rDuuNtS3pbmFpphjgv WUQ3XjzlzzoHO3TR4PHY =5QDQ -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ