CVE-2015-8914
Published 2016-06-17
CVE-2015-8914: The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection…
Priority: P344 · critical · 9.1 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS: 4.25% (89.8th percentile)
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | neutron | < neutron 2:8.1.2-1 (bookworm) | neutron 2:8.1.2-1 (bookworm) |
| openstack | neutron | >= 0 < 2:8.1.2-1 | 2:8.1.2-1 |
| openstack | neutron | >= 0 < 2:8.1.2-1 | 2:8.1.2-1 |
| openstack | neutron | >= 0 < 2:8.1.2-1 | 2:8.1.2-1 |
| openstack | neutron | >= 0 < 2:8.1.2-1 | 2:8.1.2-1 |
| openstack | neutron | >= 0 < 7.0.5 | 7.0.5 |
| openstack | neutron | >= 7.0.0 < 7.0.4 | 7.0.4 |
| openstack | neutron | >= 8.0.0 < 8.1.1 | 8.1.1 |
| openstack | neutron | 8.0.0 – 8.1.0 | — |
CVSS provenance
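| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.1 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
| nvd | v2.0 | 6.4 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:P |
| osv | — | 9.1 | CRITICAL | — |
| vendor_debian | — | 9.1 | CRITICAL | — |
| vendor_redhat | — | 9.1 | CRITICAL | — |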
OSV
OpenStack Neutron allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism
osv·2022-05-14
CVE-2015-8914 [CRITICAL] OpenStack Neutron allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.
GHSA
OpenStack Neutron allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism
ghsa·2022-05-14
CVE-2015-8914 [CRITICAL] CWE-923 OpenStack Neutron allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.
OSV
CVE-2015-8914: The IPTables firewall in OpenStack Neutron before 7
osv·2016-06-17·CVSS 9.1
CVE-2015-8914 [CRITICAL] CVE-2015-8914: The IPTables firewall in OpenStack Neutron before 7
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.
Red Hat
openstack-neutron: ICMPv6 source address spoofing vulnerability
vendor_redhat·2015-12-15·CVSS 9.1
CVE-2015-8914 [CRITICAL] openstack-neutron: ICMPv6 source address spoofing vulnerability
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.
Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests.
Package: openstack-neutron (Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)) - Will not fix
Package: openstack-neutron (Red Hat Enterprise Linux OpenStack Platform 6 (Juno)) - Will not fix
Package: openstack-neutron
Debian
CVE-2015-8914: neutron - The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 ...
vendor_debian·2015·CVSS 9.1
CVE-2015-8914 [CRITICAL] CVE-2015-8914: neutron - The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 ...
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.
Scope: local
bookworm: resolved (fixed in 2:8.1.2-1)
bullseye: resolved (fixed in 2:8.1.2-1)
forky: resolved (fixed in 2:8.1.2-1)
sid: resolved (fixed in 2:8.1.2-1)
trixie: resolved (fixed in 2:8.1.2-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-8914 CVE-2016-5362 CVE-2016-5363 openstack-neutron: various flaws [openstack-rdo]
bugzilla·2016-06-23·CVSS 9.1
CVE-2015-8914 [CRITICAL] CVE-2015-8914 CVE-2016-5362 CVE-2016-5363 openstack-neutron: various flaws [openstack-rdo]
This is an RDO Project security tracking bug against openstack-neutron. It was created
to ensure that one or more security vulnerabilities are fixed.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
[bug automatically created by: add-tracking-bugs]
Discussion:
All fixed, closing.
Bugzilla
CVE-2015-8914 CVE-2016-5362 CVE-2016-5363 openstack-neutron: various flaws [fedora-all]
bugzilla·2016-06-23·CVSS 9.1
CVE-2015-8914 [CRITICAL] CVE-2015-8914 CVE-2016-5362 CVE-2016-5363 openstack-neutron: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported ve
Bugzilla
CVE-2015-8914 openstack-neutron: ICMPv6 source address spoofing vulnerability
bugzilla·2016-06-13·CVSS 9.1
CVE-2015-8914 [CRITICAL] CVE-2015-8914 openstack-neutron: ICMPv6 source address spoofing vulnerability
A vulnerability in Neutron anti-spoof protection. By forging DHCP discovery messages or non-IP traffic, such as ARP or ICMPv6, an instance may spoof IP or MAC source addresses on attached networks, resulting in denial of service and/or traffic interception. Moreover, when L2population isn't used, other tenants attached to a shared network are also vulnerable. Neutron setups using the IPTables firewall driver are affected.
Upstream bug:
https://bugs.launchpad.net/bugs/1502933
References:
http://seclists.org/oss-sec/2016/q2/519
Discussion:
Created openstack-neutron tracking bugs for this issue:
Affects: fedora-all [bug 1349669]
Affects: openstack-rdo [bug 1349670]
---
This issue has been addressed in the f
http://www.openwall.com/lists/oss-security/2016/06/10/5
http://www.openwall.com/lists/oss-security/2016/06/10/6
https://access.redhat.com/errata/RHSA-2016:1473
https://access.redhat.com/errata/RHSA-2016:1474
https://bugs.launchpad.net/neutron/+bug/1502933
https://review.openstack.org/#/c/300233/
https://review.openstack.org/#/c/310648/
https://review.openstack.org/#/c/310652/
https://security.openstack.org/ossa/OSSA-2016-009.html
Published: 2016-06-17