Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2014:1942 - Security Advisory
Issued:
2014-12-02
Updated:
2014-12-02

RHSA-2014:1942 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: openstack-neutron security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated openstack-neutron packages that fix one security issue and several
bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0
for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

Description

OpenStack Networking (neutron) is a pluggable, scalable, and API-driven
system that provisions networking services to virtual machines. Its main
function is to manage connectivity to and from virtual machines. As of Red
Hat Enterprise Linux OpenStack Platform 4.0, 'neutron' replaces 'quantum'
as the core component of OpenStack Networking.

A denial of service flaw was found in the way neutron handled the
'dns_nameservers' parameter. By providing specially crafted
'dns_nameservers' values, an authenticated user could use this flaw to
crash the neutron service. (CVE-2014-7821)

Red Hat would like to thank the OpenStack project for reporting this issue.
Upstream acknowledges Henry Yamauchi, Charles Neill, and Michael Xin
(Rackspace) as the original reporters.

This update also fixes the following bugs:

  • Prior to this update, the network name and UUID were not sent to N1KV

during the subnet creation process. Consequently, N1KV was unable to
properly associate the network and subnet in its local configuration.
This update addresses this issue by sending the required network name and
UUID during subnet creation, with the result that they are now properly
associated on the N1KV. (BZ#1118508)

  • Previously, a rollback did not result in all entries being cleared from

the N1KV-specific database tables, resulting in the presence of stale
entries. This update addresses the issue by performing a proper cleanup of
all N1KV tables. Consequently, stale entries are no longer left in the N1KV
tables. (BZ#1124991)

  • Previously, the N1KV OpenStack Networking (neutron) plug-in did not sent

the subtype for overlay networks during the network segment pool creation
process. This update addresses this issue by sending the required details
during the creation process. (BZ#1130336)

All openstack-neutron users are advised to upgrade to these updated
packages, which contain backported patches to correct these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenStack 5.0 for RHEL 7 x86_64

Fixes

  • BZ - RHSA-2014:1942 - Clear entries in Cisco N1KV specific tables on rollback
  • BZ - RHSA-2014:1942 - Neutron refuses to delete instance associated with multiple floating addresses
  • BZ - RHSA-2014:1942 - Unable to delete 'active' namespaces via cleanup utility with "force" attribute
  • BZ - RHSA-2014:1942 - CVE-2014-7821 openstack-neutron: DoS via maliciously crafted dns_nameservers
  • BZ - RHSA-2014:1942 - dhcp assignments aren't updated on neutron-dhcp-agent restart

CVEs

  • CVE-2014-7821

References

  • http://www.redhat.com/security/updates/classification/#normal
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 5.0 for RHEL 7

SRPM
openstack-neutron-2014.1.3-11.el7ost.src.rpm SHA-256: c206e47dd16b79579b54d3c9f32cb3e622b19f6b5aed32f69719a57e59ef21b9
x86_64
openstack-neutron-2014.1.3-11.el7ost.noarch.rpm SHA-256: e14fffdae8382a23199d5542c095e9eda956ab2aa793e92ed3958bc3470d0b0d
openstack-neutron-bigswitch-2014.1.3-11.el7ost.noarch.rpm SHA-256: 46d1621a4e14637e4d18455c3ed692907cbd4d0dbe152d8e26f8de1adde097b0
openstack-neutron-brocade-2014.1.3-11.el7ost.noarch.rpm SHA-256: c47c438c8c8de08233c561e6db4283ba2359014f6545bc622b639581842ee9ec
openstack-neutron-cisco-2014.1.3-11.el7ost.noarch.rpm SHA-256: 9d6c22f2fee5b6f44264940003253fc3c8919cbc66c3792379e5cf42b41cce0c
openstack-neutron-embrane-2014.1.3-11.el7ost.noarch.rpm SHA-256: a1749beefedf01a6925056ef3e5f8c9bb0f10732ed579bdcc0f8b3926e133b8a
openstack-neutron-hyperv-2014.1.3-11.el7ost.noarch.rpm SHA-256: 4f35bdb4b724316022c654410d30dca14ee9f8e0d895505cf1b52e31728f7ca5
openstack-neutron-ibm-2014.1.3-11.el7ost.noarch.rpm SHA-256: d6efeffadd5e33f3e115ba5f1267d2745d8833cdf829bba73d2bc99071d58170
openstack-neutron-linuxbridge-2014.1.3-11.el7ost.noarch.rpm SHA-256: 60afd7ad0ee2d3c373d987fb21da19a968112d7f95310d2c7d52206e2f1d9569
openstack-neutron-mellanox-2014.1.3-11.el7ost.noarch.rpm SHA-256: 6373f573a24b6622dbaa44e6f2192d428679e263479323bb8b51482840e60d89
openstack-neutron-metaplugin-2014.1.3-11.el7ost.noarch.rpm SHA-256: 468db3fcb229bbd726fa6cdc4cfe28b5a747fedd796e14baf5981c537ea7a32d
openstack-neutron-metering-agent-2014.1.3-11.el7ost.noarch.rpm SHA-256: 2e646ffa7d988c9d8a3e35b139fa95bfccc908ace18ab017f24082eee24c9f2b
openstack-neutron-midonet-2014.1.3-11.el7ost.noarch.rpm SHA-256: 3ccbca545fd5c009effb40ed2c54967c0b59e6e62a9dc598c9b65f5026e570ad
openstack-neutron-ml2-2014.1.3-11.el7ost.noarch.rpm SHA-256: f9525bae628b5368d17f233d7caec5720bb4a0ae23158bba40d8522b01e8ac41
openstack-neutron-nec-2014.1.3-11.el7ost.noarch.rpm SHA-256: 514263b10558b9b1a1d35f7ac806785ec6c76d9f28e744db69256df023215a2a
openstack-neutron-nuage-2014.1.3-11.el7ost.noarch.rpm SHA-256: 5b8e4a63f60e78d465edd825b4e941f113cb6407ae618ab7e28221c11dd4e044
openstack-neutron-ofagent-2014.1.3-11.el7ost.noarch.rpm SHA-256: 75175faf81819d6832e64ed4fe322e771038d67f1a4c758f9433b8a1523cf2c5
openstack-neutron-oneconvergence-nvsd-2014.1.3-11.el7ost.noarch.rpm SHA-256: 139396523386dfb0cd9c5acf387b0df6fd9c5f858013c9b4a6ea5c4446bc8e2d
openstack-neutron-openvswitch-2014.1.3-11.el7ost.noarch.rpm SHA-256: e3b4bac844cadf9904453030367f8946932218de7e6e40ad94cbce06fcb89cbe
openstack-neutron-plumgrid-2014.1.3-11.el7ost.noarch.rpm SHA-256: 8588f89bcbe07db88e30cdfbd98d240e7e523615c126f91ceb28f2c68555255d
openstack-neutron-ryu-2014.1.3-11.el7ost.noarch.rpm SHA-256: 4432a51cfb1e87aca8e08ba59561c15555f46131f927c99c97b860ac38c97bb8
openstack-neutron-vmware-2014.1.3-11.el7ost.noarch.rpm SHA-256: ab0793de65a1b73c91aa2fb7d286a0fbe05a92a4f9f06b4ea58fae1c124cba11
openstack-neutron-vpn-agent-2014.1.3-11.el7ost.noarch.rpm SHA-256: 994daaf50e891762e6fe68803d331e157c463ce74c7439df94856f94086f4d3f
python-neutron-2014.1.3-11.el7ost.noarch.rpm SHA-256: 090c80d6b2fa330048fa9d51c85f30b5125fd64a420ad8dfe40df577c51cfc69

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Twitter Facebook