CVE-2015-3221: Improper Input Validation
(updated )
A Denial-of-Service flaw was found in the OpenStack Networking (neutron) L2 agent when using the iptables firewall driver. By submitting an address pair that is rejected as invalid by the ipset tool (with zero prefix size), an authenticated attacker can cause the L2 agent to crash.
References
- lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html
- rhn.redhat.com/errata/RHSA-2015-1680.html
- access.redhat.com/errata/RHSA-2015:1680
- access.redhat.com/security/cve/CVE-2015-3221
- bugs.launchpad.net/neutron/+bug/1461054
- bugzilla.redhat.com/show_bug.cgi?id=1232284
- git.openstack.org/cgit/openstack/neutron/commit/?id=9ff6138c47c95034ba845e9448ddffd147b51f38
- github.com/advisories/GHSA-wf44-4mgj-rwvx
- nvd.nist.gov/vuln/detail/CVE-2015-3221
- web.archive.org/web/20200228084753/http://www.securityfocus.com/bid/75368
Code Behaviors & Features
Detect and mitigate CVE-2015-3221 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →