OSSA-2014-014: Neutron security groups bypass through invalid CIDR
- Date: April 22, 2014
- CVE: CVE-2014-0187
Affects
Neutron: 2013.1 to 2013.2.3, and 2014.1
Description
Stephen Ma from Hewlett Packard and Christoph Thiel from Deutsche Telekom reported a vulnerability in Neutron security groups. By creating a security group rule with an invalid CIDR, an authenticated user may break the openvswitch-agent process, preventing further rules from being applied on the host. Note: removing the faulty rule is not enough; the openvswitch-agent must be restarted. All Neutron setups using Open vSwitch are affected.
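An operator-side audit of stored rules, as an added example that is not part of this advisory or of Neutron's code. The advisory does not say what made the CIDR invalid, so the three checks here (parseable, address family matches the ethertype, canonical network form) are an assumed policy; the field names follow the Neutron security group rule API and the sample records are constructed.

```python
import ipaddress

# Constructed sample in the shape of Neutron security group rule records;
# ids and prefixes are made up for illustration.
SAMPLE_RULES = [
    {"id": "rule-a", "ethertype": "IPv4", "remote_ip_prefix": "10.0.0.0/24"},
    {"id": "rule-b", "ethertype": "IPv4", "remote_ip_prefix": "10.0.0.5/24"},
    {"id": "rule-c", "ethertype": "IPv4", "remote_ip_prefix": "10.0.0.0/33"},
    {"id": "rule-d", "ethertype": "IPv6", "remote_ip_prefix": "192.0.2.0/24"},
    {"id": "rule-e", "ethertype": "IPv6", "remote_ip_prefix": "2001:db8::/32"},
    {"id": "rule-f", "ethertype": "IPv4", "remote_ip_prefix": None},
    {"id": "rule-g", "ethertype": "IPv4", "remote_ip_prefix": "0.0.0.0/0"},
]

ETHERTYPE_VERSION = {"IPv4": 4, "IPv6": 6}


def check_prefix(ethertype, prefix):
    """Return None if the prefix passes the assumed policy, else a reason."""
    if prefix is None:
        return None  # no remote prefix: the rule matches any address
    if not isinstance(prefix, str):
        return "not a string"
    try:
        # strict=False so host bits are reported as non-canonical below
        net = ipaddress.ip_network(prefix, strict=False)
    except ValueError as exc:
        return "unparseable: %s" % exc
    if net.version != ETHERTYPE_VERSION.get(ethertype):
        return "address family does not match ethertype %s" % ethertype
    if str(net) != prefix:
        return "not canonical, expected %s" % net
    return None


def audit_rules(rules):
    """Return {rule_id: reason} for every rule whose prefix fails the check."""
    findings = {}
    for rule in rules:
        reason = check_prefix(rule.get("ethertype"), rule.get("remote_ip_prefix"))
        if reason:
            findings[rule["id"]] = reason
    return findings


if __name__ == "__main__":
    for rule_id, reason in audit_rules(SAMPLE_RULES).items():
        print(rule_id, "->", reason)
```

Any rule this flags on an affected release should be followed by a check of the openvswitch-agent on the hosts involved, since the advisory states that deleting the rule alone does not recover the agent.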
Patches
https://review.openstack.org/#/c/88674 (Icehouse)
Credits
Stephen Ma from HP (CVE-2014-0187)
Christoph Thiel from Deutsche Telekom (CVE-2014-0187)