CVE-2018-14636

5.3MEDIUM

Key Information:

Vendor
The Openstack Project
Status
Openstack-neutron
Vendor
CVE Published:
10 September 2018

Summary

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3, 11.0.5 are vulnerable.

Affected Version(s)

openstack-neutron 13.0.0.0b2

openstack-neutron 12.0.3

openstack-neutron 11.0.5

References

https://bugs.launchpad.net/neutron/+bug/1767422
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14636
x_refsource_CONFIRM
https://bugs.launchpad.net/neutron/+bug/1734320
x_refsource_CONFIRM

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.