CVE-2014-8153

The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.

Published: Jan 15, 2015
Updated: Apr 13, 2023
CVE: CVE-2014-8153
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:N/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
litech / router_advertisement_daemon	2.0	2.0.x
openstack / neutron	2014.2.1	2014.2.1.x
openstack / neutron	2014.2	2014.2.x

http://lists.openstack.org/pipermail/openstack-announce/2015-January/000320.html
http://www.securityfocus.com/bid/71961
https://bugs.launchpad.net/neutron/+bug/1398779
https://bugs.launchpad.net/neutron/+bug/1399172
https://bugzilla.redhat.com/show_bug.cgi?id=1169408

Vulnerability Database

289,599

CVE-2014-8153