Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2014:1938 - Security Advisory
Issued:
2014-12-02
Updated:
2014-12-02

RHSA-2014:1938 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: openstack-neutron security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated openstack-neutron packages that fix one security issue and one bug
are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for
Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

Description

OpenStack Networking (neutron) is a pluggable, scalable, and API-driven
system that provisions networking services to virtual machines. Its main
function is to manage connectivity to and from virtual machines. As of Red
Hat Enterprise Linux OpenStack Platform 4.0, 'neutron' replaces 'quantum'
as the core component of OpenStack Networking.

A denial of service flaw was found in the way neutron handled the
'dns_nameservers' parameter. By providing specially crafted
'dns_nameservers' values, an authenticated user could use this flaw to
crash the neutron service. (CVE-2014-7821)

Red Hat would like to thank the OpenStack project for reporting this issue.
Upstream acknowledges Henry Yamauchi, Charles Neill, and Michael Xin
(Rackspace) as the original reporters.

This update also fixes the following bug:

  • The "/var/log/neutron/" directory was world-readable. With this update,

world-read permissions have been removed. (BZ#1149688)

All openstack-neutron users are advised to upgrade to these updated
packages, which contain backported patches to correct these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenStack 5.0 for RHEL 6 x86_64

Fixes

  • BZ - RHSA-2014:1938 - /var/log/neutron/ and all logs within it are world readable.
  • BZ - RHSA-2014:1938 - CVE-2014-7821 openstack-neutron: DoS via maliciously crafted dns_nameservers

CVEs

  • CVE-2014-7821

References

  • http://www.redhat.com/security/updates/classification/#normal
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 5.0 for RHEL 6

SRPM
openstack-neutron-2014.1.3-12.el6ost.src.rpm SHA-256: 86259d7e900e58a0f0436832b31cfbb16b1fa9b0ba80ef8ab59c21fc5d5520d5
x86_64
openstack-neutron-2014.1.3-12.el6ost.noarch.rpm SHA-256: 7a23ba50118e84da7104c5129405db5b90ad2f139c9419916d81159a02b141f3
openstack-neutron-bigswitch-2014.1.3-12.el6ost.noarch.rpm SHA-256: c80c8019ffd5ee18df9346363e6460099a33ffc678098475821cdb36584825cf
openstack-neutron-brocade-2014.1.3-12.el6ost.noarch.rpm SHA-256: 017b2c6f0ae0c2ba4ea3c6979052f1fbdef11e5e84c4c989dd61df13d243977d
openstack-neutron-cisco-2014.1.3-12.el6ost.noarch.rpm SHA-256: a3f88bb543d4ba6e7145fc4c5f5cce50800ca1ff464286d4da104faed3d64ccf
openstack-neutron-embrane-2014.1.3-12.el6ost.noarch.rpm SHA-256: e4d8dc5781f7da22f8bd468a02853c465a3cdb8820b5e675d1c25f27cff235ae
openstack-neutron-hyperv-2014.1.3-12.el6ost.noarch.rpm SHA-256: 697bf2b089eca3b81864d10ae90666d92786dc0f8005ac544bdfe12d4bfa5f00
openstack-neutron-ibm-2014.1.3-12.el6ost.noarch.rpm SHA-256: ec9e341552e053c67f1c6758f22dcf448a0176abb8146fd8cfd3e8a9d74ce9a4
openstack-neutron-linuxbridge-2014.1.3-12.el6ost.noarch.rpm SHA-256: 40e5da2b1a72d8163dbd689b0cf462b549e4835fb22bd4108f4f639dd7e6d021
openstack-neutron-mellanox-2014.1.3-12.el6ost.noarch.rpm SHA-256: f2c3f8977df26ba95c95ba178913f9ba32e28d5155b59702822cf0aece322955
openstack-neutron-metaplugin-2014.1.3-12.el6ost.noarch.rpm SHA-256: 29e953fa5d70fa1ab2fd2d88b77030eb61a3e49412eb6fdd105987eb91255eef
openstack-neutron-metering-agent-2014.1.3-12.el6ost.noarch.rpm SHA-256: 550cca74774296cd3c0a911a0b329d3c644102e28040b917689407afe15b3e5e
openstack-neutron-midonet-2014.1.3-12.el6ost.noarch.rpm SHA-256: d4368fe5c0784a0f5b2d03a5371b308832ad1287e2fecca140a3e281b4d6f0d5
openstack-neutron-ml2-2014.1.3-12.el6ost.noarch.rpm SHA-256: e47e07bd1eac8688201d84928befe4c625835fecfe503e4e99776fb220f77476
openstack-neutron-nec-2014.1.3-12.el6ost.noarch.rpm SHA-256: 51da97d023b7a3c0813708689131d21bca0da568a81be177a736cb483da07d39
openstack-neutron-nuage-2014.1.3-12.el6ost.noarch.rpm SHA-256: ddd545ff75d6e9dfe6fc73ab8e690c36397cba99d57b5fc3eb7d46348a2b5a19
openstack-neutron-ofagent-2014.1.3-12.el6ost.noarch.rpm SHA-256: 9dcf50dfec63ad0f922ecb99fdff4f7a8058ae3bfb3cceba522f953271cb3032
openstack-neutron-oneconvergence-nvsd-2014.1.3-12.el6ost.noarch.rpm SHA-256: 1e025d577afa95864a5ae28102286cabe09c7c86db610bd9bed9a6952a375ff9
openstack-neutron-openvswitch-2014.1.3-12.el6ost.noarch.rpm SHA-256: 15b095af1591a5d36c185396a25248a50aa59e2eabd5e7e2b836226fd886be04
openstack-neutron-plumgrid-2014.1.3-12.el6ost.noarch.rpm SHA-256: 412308399316d17aad60f024162666debbe501ba8e07fac4d9ea230f924c49ce
openstack-neutron-ryu-2014.1.3-12.el6ost.noarch.rpm SHA-256: 61058bc4f149120ed76492e328d14c41fe085cacde90bac659a3503f74c7ff20
openstack-neutron-vmware-2014.1.3-12.el6ost.noarch.rpm SHA-256: 635a7365404f7feca51823a5fa86560e40a4e060389dfc16d75bcdf093e8bcb3
openstack-neutron-vpn-agent-2014.1.3-12.el6ost.noarch.rpm SHA-256: 062ee44bf99d8dd62f26534f720536b3fb6e267f207d2e302b0d464f26d57190
python-neutron-2014.1.3-12.el6ost.noarch.rpm SHA-256: 2c886ba60cade40f5efe5a7ecf85efe6bf45910217823c037f810c2df06bc071

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Twitter Facebook