CVE-2016-5362
Published 2016-06-17
CVE-2016-5362: The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection…
Priority: P3 · 40 · high · 8.2 (CVSS 3.0)
AV:N / AC:L / PR:N / UI:N / S:U / C:L / I:N / A:H
EPSS: 3.41% (87.4th percentile)
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | neutron | < neutron 2:8.1.2-1 (bookworm) | neutron 2:8.1.2-1 (bookworm) |
| openstack | neutron | >= 0 < 2:8.1.2-1 | 2:8.1.2-1 |
| openstack | neutron | >= 0 < 2:8.1.2-1 | 2:8.1.2-1 |
| openstack | neutron | >= 0 < 2:8.1.2-1 | 2:8.1.2-1 |
| openstack | neutron | >= 0 < 2:8.1.2-1 | 2:8.1.2-1 |
| openstack | neutron | >= 0 < 7.0.5 | 7.0.5 |
| openstack | neutron | >= 7.0.0 < 7.0.4 | 7.0.4 |
| openstack | neutron | >= 8.0.0 < 8.1.1 | 8.1.1 |
| openstack | neutron | 8.0.0 – 8.1.0 | — |
CVSS provenance
nvd · v3.0 · 8.2 HIGH · CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
nvd · v2.0 · 6.4 MEDIUM · AV:N/AC:L/Au:N/C:P/I:N/A:P
osv · 8.2 HIGH
vendor_debian · 8.2 HIGH
vendor_redhat · 8.2 HIGH
Red Hat
openstack-neutron: DHCP spoofing vulnerability
vendor_redhat·2016-03-29·CVSS 8.2
CVE-2016-5362 [HIGH] openstack-neutron: DHCP spoofing vulnerability
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.
Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests.
Package: openstack-neutron (Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)) - Will not fix
Package: openstack-neutron (Red Hat Enterprise Linux OpenStack Platform 6 (Juno)) - Will not fix
Package: openstack-neutron (Red Hat OpenS
Debian
CVE-2016-5362: neutron - The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 ...
vendor_debian·2016·CVSS 8.2
CVE-2016-5362 [HIGH] CVE-2016-5362: neutron - The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 ...
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.
Scope: local
bookworm: resolved (fixed in 2:8.1.2-1)
bullseye: resolved (fixed in 2:8.1.2-1)
forky: resolved (fixed in 2:8.1.2-1)
sid: resolved (fixed in 2:8.1.2-1)
trixie: resolved (fixed in 2:8.1.2-1)
OSV
OpenStack Neutron allows remote attackers to bypass an intended DHCP-spoofing protection mechanism
osv·2022-05-14
CVE-2016-5362 [HIGH] OpenStack Neutron allows remote attackers to bypass an intended DHCP-spoofing protection mechanism
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.
GHSA
OpenStack Neutron allows remote attackers to bypass an intended DHCP-spoofing protection mechanism
ghsa·2022-05-14
CVE-2016-5362 [HIGH] CWE-923 OpenStack Neutron allows remote attackers to bypass an intended DHCP-spoofing protection mechanism
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.
OSV
CVE-2016-5362: The IPTables firewall in OpenStack Neutron before 7
osv·2016-06-17·CVSS 8.2
CVE-2016-5362 [HIGH] CVE-2016-5362: The IPTables firewall in OpenStack Neutron before 7
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-8914 CVE-2016-5362 CVE-2016-5363 openstack-neutron: various flaws [openstack-rdo]
bugzilla·2016-06-23·CVSS 9.1
CVE-2015-8914 [CRITICAL] CVE-2015-8914 CVE-2016-5362 CVE-2016-5363 openstack-neutron: various flaws [openstack-rdo]
This is an RDO Project security tracking bug against openstack-neutron. It was created
to ensure that one or more security vulnerabilities are fixed.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
[bug automatically created by: add-tracking-bugs]
Discussion:
All fixed, closing.
Bugzilla
CVE-2015-8914 CVE-2016-5362 CVE-2016-5363 openstack-neutron: various flaws [fedora-all]
bugzilla·2016-06-23·CVSS 9.1
CVE-2015-8914 [CRITICAL] CVE-2015-8914 CVE-2016-5362 CVE-2016-5363 openstack-neutron: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported ve
Bugzilla
CVE-2016-5362 openstack-neutron: DHCP spoofing vulnerability
bugzilla·2016-06-13·CVSS 8.2
CVE-2016-5362 [HIGH] CVE-2016-5362 openstack-neutron: DHCP spoofing vulnerability
A vulnerability in Neutron anti-spoof protection. By forging DHCP discovery messages or non-IP traffic, such as ARP or ICMPv6, an instance may spoof IP or MAC source addresses on attached networks, resulting in denial of service and/or traffic interception. Moreover, when L2population isn't used, other tenants attached to a shared network are also vulnerable. Neutron setups using the IPTables firewall driver are affected.
Upstream bug:
https://bugs.launchpad.net/bugs/1558658
References:
http://seclists.org/oss-sec/2016/q2/519
Discussion:
Created openstack-neutron tracking bugs for this issue:
Affects: fedora-all [bug 1349669]
Affects: openstack-rdo [bug 1349670]
---
This issue has been addressed in the following products
http://www.openwall.com/lists/oss-security/2016/06/10/5
http://www.openwall.com/lists/oss-security/2016/06/10/6
https://access.redhat.com/errata/RHSA-2016:1473
https://access.redhat.com/errata/RHSA-2016:1474
https://bugs.launchpad.net/neutron/+bug/1558658
https://review.openstack.org/#/c/300202/
https://review.openstack.org/#/c/303563/
https://review.openstack.org/#/c/303572/
https://security.openstack.org/ossa/OSSA-2016-009.html
2016-06-17
Published