CVE-2017-5936
N/A
N/A
Summary
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/96182
- https://bugs.launchpad.net/nova-lxd/+bug/1656847
- http://www.ubuntu.com/usn/USN-3195-1
- https://github.com/openstack/nova-lxd/commit/1b76cefb92081efa1e88cd8f330253f857028bd2
- http://www.openwall.com/lists/oss-security/2017/02/09/3
References
- http://www.securityfocus.com/bid/96182
- https://bugs.launchpad.net/nova-lxd/+bug/1656847
- http://www.ubuntu.com/usn/USN-3195-1
- https://github.com/openstack/nova-lxd/commit/1b76cefb92081efa1e88cd8f330253f857028bd2
- http://www.openwall.com/lists/oss-security/2017/02/09/3
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.