Ubuntu Security Notice 4036-1 - Erik Olof Gunnar Andersson discovered that OpenStack Neutron incorrectly handled certain security group rules in the iptables firewall module. An authenticated attacker could possibly use this issue to block further application of security group rules for other instances.
e4e59fbad634306202b9b1275923fc716c0b615791f01c6e7aa73e2b89177a0b==========================================================================
Ubuntu Security Notice USN-4036-1
June 25, 2019
neutron vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10
- Ubuntu 16.04 LTS
Summary:
A system hardening measure could be bypassed.
Software Description:
- neutron: OpenStack Virtual Network Service
Details:
Erik Olof Gunnar Andersson discovered that OpenStack Neutron incorrectly
handled certain security group rules in the iptables firewall module. An
authenticated attacker could possibly use this issue to block further
application of security group rules for other instances.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.10:
python-neutron 2:13.0.2-0ubuntu3.4
python3-neutron 2:13.0.2-0ubuntu3.4
Ubuntu 16.04 LTS:
python-neutron 2:8.4.0-0ubuntu7.4
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4036-1
CVE-2019-9735
Package Information:
https://launchpad.net/ubuntu/+source/neutron/2:13.0.2-0ubuntu3.4
https://launchpad.net/ubuntu/+source/neutron/2:8.4.0-0ubuntu7.4
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed