Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2014:1938 - Security Advisory
Issued:
2014-12-02
Updated:
2014-12-02

RHSA-2014:1938 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: openstack-neutron security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated openstack-neutron packages that fix one security issue and one bug
are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for
Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

Description

OpenStack Networking (neutron) is a pluggable, scalable, and API-driven
system that provisions networking services to virtual machines. Its main
function is to manage connectivity to and from virtual machines. As of Red
Hat Enterprise Linux OpenStack Platform 4.0, 'neutron' replaces 'quantum'
as the core component of OpenStack Networking.

A denial of service flaw was found in the way neutron handled the
'dns_nameservers' parameter. By providing specially crafted
'dns_nameservers' values, an authenticated user could use this flaw to
crash the neutron service. (CVE-2014-7821)

Red Hat would like to thank the OpenStack project for reporting this issue.
Upstream acknowledges Henry Yamauchi, Charles Neill, and Michael Xin
(Rackspace) as the original reporters.

This update also fixes the following bug:

  • The "/var/log/neutron/" directory was world-readable. With this update,

world-read permissions have been removed. (BZ#1149688)

All openstack-neutron users are advised to upgrade to these updated
packages, which contain backported patches to correct these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenStack 5.0 for RHEL 6 x86_64

Fixes

  • BZ - RHSA-2014:1938 - /var/log/neutron/ and all logs within it are world readable.
  • BZ - RHSA-2014:1938 - CVE-2014-7821 openstack-neutron: DoS via maliciously crafted dns_nameservers

CVEs

  • CVE-2014-7821

References

  • http://www.redhat.com/security/updates/classification/#normal
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 5.0 for RHEL 6

SRPM
openstack-neutron-2014.1.3-12.el6ost.src.rpm SHA-256: 86259d7e900e58a0f0436832b31cfbb16b1fa9b0ba80ef8ab59c21fc5d5520d5
x86_64
openstack-neutron-2014.1.3-12.el6ost.noarch.rpm SHA-256: 7a23ba50118e84da7104c5129405db5b90ad2f139c9419916d81159a02b141f3
openstack-neutron-bigswitch-2014.1.3-12.el6ost.noarch.rpm SHA-256: c80c8019ffd5ee18df9346363e6460099a33ffc678098475821cdb36584825cf
openstack-neutron-brocade-2014.1.3-12.el6ost.noarch.rpm SHA-256: 017b2c6f0ae0c2ba4ea3c6979052f1fbdef11e5e84c4c989dd61df13d243977d
openstack-neutron-cisco-2014.1.3-12.el6ost.noarch.rpm SHA-256: a3f88bb543d4ba6e7145fc4c5f5cce50800ca1ff464286d4da104faed3d64ccf
openstack-neutron-embrane-2014.1.3-12.el6ost.noarch.rpm SHA-256: e4d8dc5781f7da22f8bd468a02853c465a3cdb8820b5e675d1c25f27cff235ae
openstack-neutron-hyperv-2014.1.3-12.el6ost.noarch.rpm SHA-256: 697bf2b089eca3b81864d10ae90666d92786dc0f8005ac544bdfe12d4bfa5f00
openstack-neutron-ibm-2014.1.3-12.el6ost.noarch.rpm SHA-256: ec9e341552e053c67f1c6758f22dcf448a0176abb8146fd8cfd3e8a9d74ce9a4
openstack-neutron-linuxbridge-2014.1.3-12.el6ost.noarch.rpm SHA-256: 40e5da2b1a72d8163dbd689b0cf462b549e4835fb22bd4108f4f639dd7e6d021
openstack-neutron-mellanox-2014.1.3-12.el6ost.noarch.rpm SHA-256: f2c3f8977df26ba95c95ba178913f9ba32e28d5155b59702822cf0aece322955
openstack-neutron-metaplugin-2014.1.3-12.el6ost.noarch.rpm SHA-256: 29e953fa5d70fa1ab2fd2d88b77030eb61a3e49412eb6fdd105987eb91255eef
openstack-neutron-metering-agent-2014.1.3-12.el6ost.noarch.rpm SHA-256: 550cca74774296cd3c0a911a0b329d3c644102e28040b917689407afe15b3e5e
openstack-neutron-midonet-2014.1.3-12.el6ost.noarch.rpm SHA-256: d4368fe5c0784a0f5b2d03a5371b308832ad1287e2fecca140a3e281b4d6f0d5
openstack-neutron-ml2-2014.1.3-12.el6ost.noarch.rpm SHA-256: e47e07bd1eac8688201d84928befe4c625835fecfe503e4e99776fb220f77476
openstack-neutron-nec-2014.1.3-12.el6ost.noarch.rpm SHA-256: 51da97d023b7a3c0813708689131d21bca0da568a81be177a736cb483da07d39
openstack-neutron-nuage-2014.1.3-12.el6ost.noarch.rpm SHA-256: ddd545ff75d6e9dfe6fc73ab8e690c36397cba99d57b5fc3eb7d46348a2b5a19
openstack-neutron-ofagent-2014.1.3-12.el6ost.noarch.rpm SHA-256: 9dcf50dfec63ad0f922ecb99fdff4f7a8058ae3bfb3cceba522f953271cb3032
openstack-neutron-oneconvergence-nvsd-2014.1.3-12.el6ost.noarch.rpm SHA-256: 1e025d577afa95864a5ae28102286cabe09c7c86db610bd9bed9a6952a375ff9
openstack-neutron-openvswitch-2014.1.3-12.el6ost.noarch.rpm SHA-256: 15b095af1591a5d36c185396a25248a50aa59e2eabd5e7e2b836226fd886be04
openstack-neutron-plumgrid-2014.1.3-12.el6ost.noarch.rpm SHA-256: 412308399316d17aad60f024162666debbe501ba8e07fac4d9ea230f924c49ce
openstack-neutron-ryu-2014.1.3-12.el6ost.noarch.rpm SHA-256: 61058bc4f149120ed76492e328d14c41fe085cacde90bac659a3503f74c7ff20
openstack-neutron-vmware-2014.1.3-12.el6ost.noarch.rpm SHA-256: 635a7365404f7feca51823a5fa86560e40a4e060389dfc16d75bcdf093e8bcb3
openstack-neutron-vpn-agent-2014.1.3-12.el6ost.noarch.rpm SHA-256: 062ee44bf99d8dd62f26534f720536b3fb6e267f207d2e302b0d464f26d57190
python-neutron-2014.1.3-12.el6ost.noarch.rpm SHA-256: 2c886ba60cade40f5efe5a7ecf85efe6bf45910217823c037f810c2df06bc071

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility