usn-6067-1
Vulnerability from osv_ubuntu
Published
2023-05-10 11:30
Modified
2026-04-27 14:11
Summary
neutron vulnerabilities
Details

David Sinquin discovered that OpenStack Neutron incorrectly handled the default Open vSwitch firewall rules. An attacker could possibly use this issue to impersonate the IPv6 addresses of other systems on the network. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-20267)

Jake Yip and Justin Mammarella discovered that OpenStack Neutron incorrectly handled the linuxbridge driver when ebtables-nft is being used. An attacker could possibly use this issue to impersonate the hardware addresss of other systems on the network. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-38598)

Pavel Toporkov discovered that OpenStack Neutron incorrectly handled extra_dhcp_opts values. An attacker could possibly use this issue to reconfigure dnsmasq. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40085)

Slawek Kaplonski discovered that OpenStack Neutron incorrectly handled the routes middleware. An attacker could possibly use this issue to cause the API worker to consume memory, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40797)

It was discovered that OpenStack Neutron incorrectly handled certain queries. A remote authenticated user could possibly use this issue to cause resource consumption, leading to a denial of service. (CVE-2022-3277)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2021-20267",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-38598",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-40085",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-40797",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-3277",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:18.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "neutron-common",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-dhcp-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-l3-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-linuxbridge-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-macvtap-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-metadata-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-metering-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-openvswitch-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-plugin-linuxbridge-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-plugin-ml2",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-plugin-openvswitch-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-plugin-sriov-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-server",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "neutron-sriov-agent",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          },
          {
            "binary_name": "python-neutron",
            "binary_version": "2:12.1.1-0ubuntu8.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:18.04:LTS",
        "name": "neutron",
        "purl": "pkg:deb/ubuntu/neutron@2:12.1.1-0ubuntu8.1?arch=source\u0026distro=bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:12.1.1-0ubuntu8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2:11.0.1-0ubuntu1",
        "2:12.0.0~b1-0ubuntu1",
        "2:12.0.0~b1-0ubuntu2",
        "2:12.0.0~b2-0ubuntu1",
        "2:12.0.0~b3-0ubuntu1",
        "2:12.0.0~rc1-0ubuntu1",
        "2:12.0.0~rc2-0ubuntu1",
        "2:12.0.0-0ubuntu1",
        "2:12.0.0-0ubuntu1.1",
        "2:12.0.0-0ubuntu1.2",
        "2:12.0.0-0ubuntu1.3",
        "2:12.0.0-0ubuntu1.4",
        "2:12.0.0-0ubuntu2",
        "2:12.0.0-0ubuntu3",
        "2:12.0.1-0ubuntu1",
        "2:12.0.1-0ubuntu1.1",
        "2:12.0.2-0ubuntu1",
        "2:12.0.3-0ubuntu1",
        "2:12.0.5-0ubuntu1",
        "2:12.0.5-0ubuntu4",
        "2:12.0.5-0ubuntu5",
        "2:12.0.6-0ubuntu1",
        "2:12.0.6-0ubuntu2",
        "2:12.0.6-0ubuntu3",
        "2:12.1.0-0ubuntu1",
        "2:12.1.1-0ubuntu1",
        "2:12.1.1-0ubuntu2",
        "2:12.1.1-0ubuntu3",
        "2:12.1.1-0ubuntu4",
        "2:12.1.1-0ubuntu7",
        "2:12.1.1-0ubuntu8"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2021-20267",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-38598",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-40085",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-40797",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-3277",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "neutron-common",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-dhcp-agent",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-l3-agent",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-linuxbridge-agent",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-macvtap-agent",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-metadata-agent",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-metering-agent",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-openvswitch-agent",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-ovn-metadata-agent",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-plugin-ml2",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-server",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "neutron-sriov-agent",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          },
          {
            "binary_name": "python3-neutron",
            "binary_version": "2:16.4.2-0ubuntu6.2"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "neutron",
        "purl": "pkg:deb/ubuntu/neutron@2:16.4.2-0ubuntu6.2?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:16.4.2-0ubuntu6.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2:15.0.0-0ubuntu1",
        "2:16.0.0~b1~git2019121613.3e8abb9a8f-0ubuntu1",
        "2:16.0.0~b2~git2020020712.d5b33ffc77-0ubuntu1",
        "2:16.0.0~b2~git2020020712.d5b33ffc77-0ubuntu3",
        "2:16.0.0~b3~git2020032420.a0e1b5804e-0ubuntu1",
        "2:16.0.0~b3~git2020032420.a0e1b5804e-0ubuntu2",
        "2:16.0.0~b3~git2020032420.a0e1b5804e-0ubuntu3",
        "2:16.0.0~b3~git2020032420.a0e1b5804e-0ubuntu4",
        "2:16.0.0~b3~git2020041013.e74c8f8c88-0ubuntu1",
        "2:16.0.0~b3~git2020041516.5f42488a9a-0ubuntu1",
        "2:16.0.0~b3~git2020041516.5f42488a9a-0ubuntu2",
        "2:16.0.0-0ubuntu0.20.04.1",
        "2:16.0.0-0ubuntu0.20.04.2",
        "2:16.1.0-0ubuntu1",
        "2:16.1.0-0ubuntu2",
        "2:16.2.0-0ubuntu1",
        "2:16.2.0-0ubuntu2",
        "2:16.2.0-0ubuntu3",
        "2:16.3.0-0ubuntu3",
        "2:16.3.1-0ubuntu1",
        "2:16.3.1-0ubuntu1.1",
        "2:16.3.2-0ubuntu2",
        "2:16.3.2-0ubuntu3",
        "2:16.4.0-0ubuntu2",
        "2:16.4.0-0ubuntu3",
        "2:16.4.1-0ubuntu2",
        "2:16.4.2-0ubuntu1",
        "2:16.4.2-0ubuntu2",
        "2:16.4.2-0ubuntu3",
        "2:16.4.2-0ubuntu4",
        "2:16.4.2-0ubuntu5",
        "2:16.4.2-0ubuntu6",
        "2:16.4.2-0ubuntu6.1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2022-3277",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:22.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "neutron-common",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-dhcp-agent",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-l3-agent",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-linuxbridge-agent",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-macvtap-agent",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-metadata-agent",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-metering-agent",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-openvswitch-agent",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-ovn-metadata-agent",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-plugin-ml2",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-server",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "neutron-sriov-agent",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          },
          {
            "binary_name": "python3-neutron",
            "binary_version": "2:20.3.0-0ubuntu1.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:22.04:LTS",
        "name": "neutron",
        "purl": "pkg:deb/ubuntu/neutron@2:20.3.0-0ubuntu1.1?arch=source\u0026distro=jammy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:20.3.0-0ubuntu1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2:19.0.0-0ubuntu1",
        "2:19.1.0+git2022030313.b072cbf05f-0ubuntu1",
        "2:20.0.0-0ubuntu1",
        "2:20.0.0-0ubuntu2",
        "2:20.0.0-0ubuntu3",
        "2:20.1.0-0ubuntu2",
        "2:20.2.0-0ubuntu1",
        "2:20.3.0-0ubuntu1"
      ]
    }
  ],
  "aliases": [],
  "details": "David Sinquin discovered that OpenStack Neutron incorrectly handled the\ndefault Open vSwitch firewall rules. An attacker could possibly use this\nissue to impersonate the IPv6 addresses of other systems on the network.\nThis issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.\n(CVE-2021-20267)\n\nJake Yip and Justin Mammarella discovered that OpenStack Neutron\nincorrectly handled the linuxbridge driver when ebtables-nft is being\nused. An attacker could possibly use this issue to impersonate the hardware\naddresss of other systems on the network. This issue only affected Ubuntu\n18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-38598)\n\nPavel Toporkov discovered that OpenStack Neutron incorrectly handled\nextra_dhcp_opts values. An attacker could possibly use this issue to\nreconfigure dnsmasq. This issue only affected Ubuntu 18.04 LTS, and Ubuntu\n20.04 LTS. (CVE-2021-40085)\n\nSlawek Kaplonski discovered that OpenStack Neutron incorrectly handled the\nroutes middleware. An attacker could possibly use this issue to cause the\nAPI worker to consume memory, leading to a denial of service. This issue\nonly affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40797)\n\nIt was discovered that OpenStack Neutron incorrectly handled certain\nqueries. A remote authenticated user could possibly use this issue to cause\nresource consumption, leading to a denial of service. (CVE-2022-3277)\n",
  "id": "USN-6067-1",
  "modified": "2026-04-27T14:11:30Z",
  "published": "2023-05-10T11:30:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-6067-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-20267"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-38598"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-40085"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-40797"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-3277"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "neutron vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2021-20267",
    "UBUNTU-CVE-2021-38598",
    "UBUNTU-CVE-2021-40085",
    "UBUNTU-CVE-2021-40797",
    "UBUNTU-CVE-2022-3277"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…