Denial of Service Vulnerability in OpenStack Neutron by IPTables Firewall Driver
CVE-2015-3221

Currently unrated

Key Information:

Vendor

Openstack
Status
Neutron
Vendor
CVE Published:
26 August 2015

What is CVE-2015-3221?

An issue exists in OpenStack Neutron where the IPTables firewall driver is vulnerable to a Denial of Service attack. Remote authenticated users can exploit this vulnerability by adding an address pair that is subsequently rejected by the ipset tool, leading to a crash of the L2 agent. This behavior can undermine the availability of network services within the OpenStack environment, affecting system performance and reliability.

References

http://www.securityfocus.com/bid/75368
vdb-entryx_refsource_BID
http://lists.openstack.org/pipermail/openstack-announce/2...
mailing-listx_refsource_MLIST
https://bugs.launchpad.net/neutron/+bug/1461054
x_refsource_CONFIRM

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2015-3221 : Denial of Service Vulnerability in OpenStack Neutron by IPTables Firewall Driver