Launchpad CVE tracker

CVE 2014-8153

The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.

Related bugs and status

CVE-2014-8153 (Candidate) is related to these bugs:

Bug #1399172: [OSSA 2015-001] L3 agent DoS vulnerability (CVE-2014-8153)

		In	Importance	Status
1399172	[OSSA 2015-001] L3 agent DoS vulnerability (CVE-2014-8153)	neutron	Undecided	Fix Released
1399172	[OSSA 2015-001] L3 agent DoS vulnerability (CVE-2014-8153)	OpenStack Security Advisory	Medium	Fix Released
1399172	[OSSA 2015-001] L3 agent DoS vulnerability (CVE-2014-8153)	neutron juno	Undecided	Fix Committed
1399172	[OSSA 2015-001] L3 agent DoS vulnerability (CVE-2014-8153)	neutron icehouse	Undecided	Invalid

Bug #1410811: radvd >= 2.0 blocks router update processing

		In	Importance	Status
1410811	radvd >= 2.0 blocks router update processing	Mirantis OpenStack	High	Fix Committed
1410811	radvd >= 2.0 blocks router update processing	Mirantis OpenStack 6.0.x	High	Fix Released
1410811	radvd >= 2.0 blocks router update processing	Mirantis OpenStack 6.1.x	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2014-8153

References