Bug 1163457 (CVE-2014-7821) - CVE-2014-7821 openstack-neutron: DoS via maliciously crafted dns_nameservers
Summary: CVE-2014-7821 openstack-neutron: DoS via maliciously crafted dns_nameservers
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2014-7821
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1165886 1165887 1166074 1166075 1166318 1168800
Blocks: 1163459
TreeView+ depends on / blocked
 
Reported: 2014-11-12 18:06 UTC by Vincent Danen
Modified: 2019-09-29 13:23 UTC (History)
20 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
A denial of service flaw was found in the way neutron handled the 'dns_nameservers' parameter. By providing specially crafted 'dns_nameservers' values, an authenticated user could use this flaw to crash the neutron service.
Clone Of:
Environment:
Last Closed: 2015-01-14 00:10:23 UTC


Attachments (Terms of Use)
patch for CVE-2014-7821 (stable-juno) (1.46 KB, patch)
2014-11-12 18:09 UTC, Vincent Danen
no flags Details | Diff
patch for CVE-2014-7821 (stable-icehouse) (1.46 KB, patch)
2014-11-12 18:10 UTC, Vincent Danen
no flags Details | Diff
patch for CVE-2014-7821 (master-kilo) (1.46 KB, patch)
2014-11-12 18:10 UTC, Vincent Danen
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2014:1938 normal SHIPPED_LIVE Moderate: openstack-neutron security and bug fix update 2014-12-02 21:48:36 UTC
OpenStack gerrit 135616 None None None Never
Red Hat Product Errata RHSA-2014:1942 normal SHIPPED_LIVE Moderate: openstack-neutron security and bug fix update 2014-12-02 21:58:59 UTC
Red Hat Product Errata RHSA-2015:0044 normal SHIPPED_LIVE Moderate: openstack-neutron security update 2015-01-13 22:57:13 UTC

Description Vincent Danen 2014-11-12 18:06:17 UTC
Reporter: Henry Yamauchi, Charles Neill and Michael Xin (Rackspace)
Products: Neutron
Versions: up to 2014.1.3 and 2014.2

Description:
Henry Yamauchi, Charles Neill and Michael Xin from Rackspace reported a
vulnerability in Neutron. By configuring a maliciously crafted
dns_nameservers an authenticated user may crash Neutron service
resulting in a denial of service attack. All Neutron setups are
affected.


Acknowledgements:

Red Hat would like to thank the OpenStack project for reporting this issue. Upstream acknowledges Henry Yamauchi, Charles Neill and Michael Xin (Rackspace) as the original reporters.

Comment 1 Vincent Danen 2014-11-12 18:09:48 UTC
Created attachment 956842 [details]
patch for CVE-2014-7821 (stable-juno)

Comment 2 Vincent Danen 2014-11-12 18:10:11 UTC
Created attachment 956843 [details]
patch for CVE-2014-7821 (stable-icehouse)

Comment 3 Vincent Danen 2014-11-12 18:10:43 UTC
Created attachment 956844 [details]
patch for CVE-2014-7821 (master-kilo)

Comment 5 Murray McAllister 2014-11-19 23:38:19 UTC
This issue is public now:

http://seclists.org/oss-sec/2014/q4/690

Comment 6 Murray McAllister 2014-11-19 23:41:20 UTC
Created openstack-neutron tracking bugs for this issue:

Affects: openstack-rdo [bug 1165886]
Affects: fedora-all [bug 1165887]

Comment 8 Martin Prpič 2014-11-25 09:04:34 UTC
IssueDescription:

A denial of service flaw was found in the way neutron handled the 'dns_nameservers' parameter. By providing specially crafted 'dns_nameservers' values, an authenticated user could use this flaw to crash the neutron service.

Comment 9 Ihar Hrachyshka 2014-11-25 18:10:17 UTC
I suspect we also need a bug for Havana (RHOS4).

Comment 11 Ihar Hrachyshka 2014-11-28 13:34:29 UTC
This fix introduced a regression: http://lists.openstack.org/pipermail/openstack-dev/2014-November/051757.html

Comment 12 errata-xmlrpc 2014-12-02 16:48:57 UTC
This issue has been addressed in the following products:

  OpenStack 5 for RHEL 6

Via RHSA-2014:1938 https://rhn.redhat.com/errata/RHSA-2014-1938.html

Comment 13 errata-xmlrpc 2014-12-02 17:00:32 UTC
This issue has been addressed in the following products:

  OpenStack 5 for RHEL 7

Via RHSA-2014:1942 https://rhn.redhat.com/errata/RHSA-2014-1942.html

Comment 14 errata-xmlrpc 2015-01-13 17:57:34 UTC
This issue has been addressed in the following products:

  OpenStack 4 for RHEL 6

Via RHSA-2015:0044 https://rhn.redhat.com/errata/RHSA-2015-0044.html


Note You need to log in before you can comment on or make changes to this bug.