From 5bfba3e739b9988206a51fc564a05cc32b23a791 Mon Sep 17 00:00:00 2001
From: Jeremy Stanley
Date: Tue, 10 Aug 2021 16:41:27 +0000
Subject: [PATCH] Add OSSA-2021-004 (CVE-2021-38598)
Change-Id: I91b44e7fab3209170efd8dc594cb1b442ee48c2d
Closes-Bug: #1938670
---
ossa/OSSA-2021-004.yaml | 56 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 56 insertions(+)
create mode 100644 ossa/OSSA-2021-004.yaml
diff --git a/ossa/OSSA-2021-004.yaml b/ossa/OSSA-2021-004.yaml
new file mode 100644
index 0000000..c2a6d7d
--- /dev/null
+++ b/ossa/OSSA-2021-004.yaml
@@ -0,0 +1,56 @@
+date: 2021-08-17
+
+id: OSSA-2021-004
+
+title: Linuxbridge ARP filter bypass on Netfilter platforms
+
+description: >
+ Jake Yip with ARDC and Justin Mammarella with the University of Melbourne
+ reported a vulnerability in Neutron's linuxbridge driver on newer
+ Netfilter-based platforms (the successor to IPTables). By sending carefully
+ crafted packets, anyone in control of a server instance connected to the
+ virtual switch can impersonate the hardware addresses of other systems on the
+ network, resulting in denial of service or in some cases possibly
+ interception of traffic intended for other destinations. Only deployments
+ using the linuxbridge driver with ebtables-nft are affected.
+
+affected-products:
+ - product: Neutron
+ version: '<16.4.1, >=17.0.0 <17.1.3, ==18.0.0'
+
+vulnerabilities:
+ - cve-id: CVE-2021-38598
+
+reporters:
+ - name: Jake Yip
+ affiliation: ARDC
+ reported:
+ - CVE-2021-38598
+ - name: Justin Mammarella
+ affiliation: University of Melbourne
+ reported:
+ - CVE-2021-38598
+
+issues:
+ links:
+ - https://launchpad.net/bugs/1938670
+
+reviews:
+ xena:
+ - https://review.opendev.org/785177
+
+ wallaby:
+ - https://review.opendev.org/785917
+
+ victoria:
+ - https://review.opendev.org/804056
+
+ ussuri:
+ - https://review.opendev.org/804057
+
+ train:
+ - https://review.opendev.org/804058
+
+notes:
+ - The stable/train branch is under extended maintenance and will receive no
+ new point releases, but a patch for it is provided as a courtesy.
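Review bot: The description limits exposure to deployments using the linuxbridge driver with ebtables-nft, but neither it nor `notes` tells an operator how to establish that for a given compute host, so exposure cannot be triaged from this record alone. Consider a second `notes` entry such as `- Affected hosts can be identified by checking whether the installed ebtables binary uses the nft backend rather than the legacy one.` The existing stable/train note could also state the consequence directly, presumably that train deployments remain exposed until the linked patch is applied manually, since no point release will carry it.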