CVE-2014-3555: OpenStack Neutron allows remote authenticated users to cause a denial of service
(updated )
A denial of service flaw was found in neutron’s handling of allowed address pairs. As there was no enforced quota on the amount of allowed address pairs, a sufficiently authorized user could possibly create a large number of firewall rules, impacting performance or potentially rendering a compute node unusable.
References
- lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html
- rhn.redhat.com/errata/RHSA-2014-1119.html
- rhn.redhat.com/errata/RHSA-2014-1120.html
- seclists.org/oss-sec/2014/q3/200
- access.redhat.com/errata/RHSA-2014:1078
- access.redhat.com/errata/RHSA-2014:1119
- access.redhat.com/errata/RHSA-2014:1120
- access.redhat.com/security/cve/CVE-2014-3555
- bugs.launchpad.net/neutron/+bug/1336207
- bugzilla.redhat.com/show_bug.cgi?id=1118833
- github.com/advisories/GHSA-4pmp-38hf-rmwj
- nvd.nist.gov/vuln/detail/CVE-2014-3555
- web.archive.org/web/20200228142429/http://www.securityfocus.com/bid/68765
Code Behaviors & Features
Detect and mitigate CVE-2014-3555 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →