CVE-2014-8153
published 2015-01-15CVE-2014-8153: The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked…
PriorityP417medium4CVSS 2.0
AVNACLAuSCNINAP
EPSS
1.92%
77.3th percentile
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | neutron | — | — |
| litech | router_advertisement_daemon | — | — |
| openstack | neutron | — | — |
| openstack | neutron | — | — |
| openstack | neutron | >= 0 < 1:2014.1.3-0ubuntu1.1 | 1:2014.1.3-0ubuntu1.1 |
CVSS provenance
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:N/A:P
osv4.0MEDIUM
vendor_debian4.0LOW
vendor_redhat4.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
openstack-neutron: L3 agent denial of service with radvd 2.0+ (OSSA 2015-001)
vendor_redhat·2015-01-08·CVSS 4.0
CVE-2014-8153 [MEDIUM] openstack-neutron: L3 agent denial of service with radvd 2.0+ (OSSA 2015-001)
openstack-neutron: L3 agent denial of service with radvd 2.0+ (OSSA 2015-001)
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.
Statement: Not vulnerable. This issue did not affect the versions of openstack-neutron as shipped with Red Hat Enterprise Linux OpenStack Platform 4 or 5.
Package: openstack-neutron (Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)) - Not affected
Package: openstack-neutron (Red Hat Enterprise Linux OpenStack Platform 6 (Juno)) - Not affected
Package: openstack-neutron (Red Hat OpenStack Platform 4) - Not affected
Debian
CVE-2014-8153: neutron - The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0...
vendor_debian·2014·CVSS 4.0
CVE-2014-8153 [MEDIUM] CVE-2014-8153: neutron - The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0...
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
GHSA-rqg5-f3m3-r3xh: The L3 agent in OpenStack Neutron 2014
ghsa_unreviewed·2022-05-17
CVE-2014-8153 [MEDIUM] CWE-20 GHSA-rqg5-f3m3-r3xh: The L3 agent in OpenStack Neutron 2014
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.
OSV
CVE-2014-8153: The L3 agent in OpenStack Neutron 2014
osv·2015-01-15·CVSS 4.0
CVE-2014-8153 [MEDIUM] CVE-2014-8153: The L3 agent in OpenStack Neutron 2014
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.
No detection rules found.
No public exploits indexed.
http://lists.openstack.org/pipermail/openstack-announce/2015-January/000320.htmlhttp://www.securityfocus.com/bid/71961https://bugs.launchpad.net/neutron/+bug/1398779https://bugs.launchpad.net/neutron/+bug/1399172https://bugzilla.redhat.com/show_bug.cgi?id=1169408http://lists.openstack.org/pipermail/openstack-announce/2015-January/000320.htmlhttp://www.securityfocus.com/bid/71961https://bugs.launchpad.net/neutron/+bug/1398779https://bugs.launchpad.net/neutron/+bug/1399172https://bugzilla.redhat.com/show_bug.cgi?id=1169408
2015-01-15
Published