Bug 1690745 (CVE-2019-9735) - CVE-2019-9735 openstack-neutron: incorrect validation of port settings in iptables security group driver
Summary: CVE-2019-9735 openstack-neutron: incorrect validation of port settings in ipt...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-9735
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1690387 1690746 1691121 1691122 1691123
Blocks: 1690749
 
Reported: 2019-03-20 07:25 UTC by Dhananjay Arunesh
Modified: 2021-02-16 22:13 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2019-06-10 10:51:30 UTC
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:0879 0 None None None 2019-04-30 17:35:12 UTC
Red Hat Product Errata RHSA-2019:0916 0 None None None 2019-04-30 16:58:15 UTC
Red Hat Product Errata RHSA-2019:0935 0 None None None 2019-04-30 17:23:32 UTC

Description Dhananjay Arunesh 2019-03-20 07:25:51 UTC
An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security group rules for instances from any project/tenant on the compute hosts to which it's applied. (Only deployments using the iptables security group driver are affected.)


Reference:
https://bugs.launchpad.net/neutron/+bug/1818385
https://seclists.org/oss-sec/2019/q1/183

Upstream commit:
https://git.openstack.org/cgit/openstack/neutron/commit/?id=8c213e45902e21d2fe00639ef7d92b35304bde82

Upstream Patches:
https://git.openstack.org/cgit/openstack/neutron/patch/?id=8c213e45902e21d2fe00639ef7d92b35304bde82
https://review.openstack.org/640619 
https://review.openstack.org/640790 
https://review.openstack.org/640702
https://review.openstack.org/640685 

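The failure the report describes is a validation gap: a rule that pairs a port with a port-less protocol reaches the iptables driver, which then emits an argument list iptables rejects, and the whole rule-application pass for that host stops. The following is an added example, not neutron's code and not the upstream patch, showing the shape of the defensive check: the rule is validated at the API edge so that port settings are only accepted for protocols that actually carry ports, and the driver only emits `--dport` for those protocols. `SecurityGroupRule`, `validate_rule`, `build_iptables_args`, the protocol tables and the sample rules are all hypothetical constructs for this example.

```python
"""Validator and iptables-argument builder for security-group rules.

Added example, not neutron's own code: it demonstrates the check the page
describes, rejecting port settings on protocols that have no ports (such as
VRRP) so that one malformed rule cannot abort rule application for every
instance on the compute host. All names here are hypothetical.
"""
from dataclasses import dataclass
from typing import List, Optional

# Protocols whose transport header carries port numbers and for which iptables
# offers a "-m <proto> --dport" match (assumption: constructed subset).
PORT_PROTOCOLS = {"tcp", "udp", "sctp", "dccp"}

# IANA protocol numbers to names, so numeric protocol values are handled too
# (constructed subset for this example).
PROTOCOL_NUMBERS = {"1": "icmp", "6": "tcp", "17": "udp", "112": "vrrp", "132": "sctp"}


class InvalidRule(ValueError):
    """Raised when a rule's port settings do not fit its protocol."""


@dataclass(frozen=True)
class SecurityGroupRule:
    protocol: Optional[str]          # None means "any protocol"
    port_range_min: Optional[int] = None
    port_range_max: Optional[int] = None
    ethertype: str = "IPv4"


def normalize_protocol(protocol: Optional[str]) -> Optional[str]:
    """Lower-case the protocol and resolve numeric values to names."""
    if protocol is None:
        return None
    proto = str(protocol).strip().lower()
    return PROTOCOL_NUMBERS.get(proto, proto)


def validate_rule(rule: SecurityGroupRule) -> SecurityGroupRule:
    """Return a normalized copy of the rule, or raise InvalidRule.

    The key check: a port range is only meaningful for PORT_PROTOCOLS. A rule
    such as protocol=vrrp with port_range_min=80 is rejected here instead of
    reaching the firewall driver.
    """
    proto = normalize_protocol(rule.protocol)
    lo, hi = rule.port_range_min, rule.port_range_max
    has_ports = lo is not None or hi is not None
    if has_ports and proto not in PORT_PROTOCOLS:
        raise InvalidRule(f"protocol {rule.protocol!r} does not support port settings")
    if has_ports:
        if lo is None or hi is None:
            raise InvalidRule("port_range_min and port_range_max must be given together")
        if not (1 <= lo <= hi <= 65535):
            raise InvalidRule(f"invalid port range {lo}-{hi}")
    return SecurityGroupRule(proto, lo, hi, rule.ethertype)


def build_iptables_args(rule: SecurityGroupRule) -> List[str]:
    """Build iptables match arguments; --dport is emitted only when ports apply."""
    rule = validate_rule(rule)
    args: List[str] = []
    if rule.protocol is not None:
        args += ["-p", rule.protocol]
    if rule.port_range_min is not None:
        # validate_rule guarantees the protocol is in PORT_PROTOCOLS here.
        port = (str(rule.port_range_min) if rule.port_range_min == rule.port_range_max
                else f"{rule.port_range_min}:{rule.port_range_max}")
        args += ["-m", rule.protocol, "--dport", port]
    return args


if __name__ == "__main__":
    # Constructed sample rules; the last one has the shape the report describes.
    samples = [
        SecurityGroupRule("tcp", 22, 22),
        SecurityGroupRule("17", 53, 53),
        SecurityGroupRule("vrrp"),
        SecurityGroupRule("112", 80, 80),
    ]
    for r in samples:
        try:
            print(r, "->", " ".join(build_iptables_args(r)))
        except InvalidRule as exc:
            print(r, "-> rejected:", exc)
```

Doing the check once at validation time, and again implicitly in the builder by only emitting `--dport` for port-bearing protocols, means a rule that slipped through an older API path still cannot produce an argument list iptables refuses; that is the property that stops one tenant's rule from breaking rule application for everyone else on the host.
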
Comment 1 Dhananjay Arunesh 2019-03-20 07:26:06 UTC
Created openstack-neutron tracking bugs for this issue:

Affects: openstack-rdo [bug 1690746]

Comment 7 Summer Long 2019-03-25 23:01:52 UTC
External References:

https://seclists.org/oss-sec/2019/q1/183

Comment 8 Summer Long 2019-03-25 23:03:57 UTC
Red Hat OpenStack Platform versions 10, 13, and 14 are affected by this vulnerability.

Comment 11 errata-xmlrpc 2019-04-30 16:58:14 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 10.0 (Newton)

Via RHSA-2019:0916 https://access.redhat.com/errata/RHSA-2019:0916

Comment 12 errata-xmlrpc 2019-04-30 17:23:31 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 13.0 (Queens)

Via RHSA-2019:0935 https://access.redhat.com/errata/RHSA-2019:0935

Comment 13 errata-xmlrpc 2019-04-30 17:35:11 UTC
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 14.0 (Rocky)

Via RHSA-2019:0879 https://access.redhat.com/errata/RHSA-2019:0879

