Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2017:2451 - Security Advisory
Issued:
2017-08-08
Updated:
2017-08-08

RHSA-2017:2451 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: openstack-neutron security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openstack-neutron is now available for Red Hat OpenStack Platform 8.0 (Liberty).

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenStack Networking (neutron) is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines.

Security Fix(es):

  • A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources. (CVE-2017-7543)

This issue was discovered by Paul Needle (Red Hat).

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenStack 8 x86_64

Fixes

  • BZ - 1473792 - CVE-2017-7543 openstack-neutron: iptables not active after update

CVEs

  • CVE-2017-7543

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 8

SRPM
openstack-neutron-7.2.0-12.1.el7ost.src.rpm SHA-256: 41a5a0a6fe241caf1589a35712914dc78c5653b331cf94a934e1620c420c9127
x86_64
openstack-neutron-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 0ae089320ec63527a40a3c76fe208091b14092232567760934df1b4f57b11233
openstack-neutron-bigswitch-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 7434ab3c779a8b04b460706833780d7dadce083d11013f0ebdab74bb8be692d2
openstack-neutron-brocade-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 8834db76f4aa3ade1f232a04890055b355c9a7c202d5c03e774a84db3d925b0d
openstack-neutron-cisco-7.2.0-12.1.el7ost.noarch.rpm SHA-256: e53b0e21310f336348577ccc904bc0d32fc5771459f8621b62c26b084ade4597
openstack-neutron-common-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 20918cb9d28d67adb91210d91105ffce88b88d373cf6086019e8c372e0b13266
openstack-neutron-dev-server-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 5ecc70e880e2646e2198f70dc955141bb9d937236e281729995e5c4ebe6cfc02
openstack-neutron-embrane-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 19605f8ca1c41712807f847e8d0e28bc3d03d1254c47b7584874718d36384b9a
openstack-neutron-linuxbridge-7.2.0-12.1.el7ost.noarch.rpm SHA-256: dd7c8ebeb724e38829c21ae2e93b3124d223193630353715eb30a5024df33294
openstack-neutron-mellanox-7.2.0-12.1.el7ost.noarch.rpm SHA-256: ac2017d39b7d408afb46974852ea3da673006ca207e2c26b9cb580de7c7b80d3
openstack-neutron-metering-agent-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 7d4612126ad36a9522ee8f6d4832848a1af94fba0f0b29b15c3086697ea7b8ac
openstack-neutron-ml2-7.2.0-12.1.el7ost.noarch.rpm SHA-256: b88a74d2f1fc6382b79e458e919b12f12c153c19613b37099798bf538c951606
openstack-neutron-nuage-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 703e88d3b94bdb8bdd7de5173ad9c9d5dafe709bd256d37780f75cca574609e4
openstack-neutron-ofagent-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 255dcef9ff54516ea37121d0348f088d40ceae010fbbdd9451c2ee565698e3d8
openstack-neutron-oneconvergence-nvsd-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 3741bec1398567b0ce684e017fe266546cdb6178697f91fb1a894f9ce3c4ba5e
openstack-neutron-opencontrail-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 07b7dcd134bda7d06512cfbaeef8a93ebe4f82c7bc3dbaef1548a6ff8bca2bbd
openstack-neutron-openvswitch-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 743589a41d122a88cda8e5d40e581c528460964d4ff094664bb6f15850cdb3bf
openstack-neutron-ovsvapp-7.2.0-12.1.el7ost.noarch.rpm SHA-256: d0a10e7e8b40cc2ee9858840624e0e86ef48938a57f911d1afaa8204cc8ee296
openstack-neutron-rpc-server-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 68c7fb4a4719e7cf95c0a6062be2d09211a87ca903ceb78934f869c13889eb62
openstack-neutron-sriov-nic-agent-7.2.0-12.1.el7ost.noarch.rpm SHA-256: a07d8f0f6b93733df69a7df97f4acb5823c931423dceacf1487f6d1c9a7afe54
python-neutron-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 3cd520beabb746500d7128e565a107a39948aed3ecfa5858f8c9349675335815
python-neutron-tests-7.2.0-12.1.el7ost.noarch.rpm SHA-256: 9cba06c4896839b4bd62582713fdfb09e8e7e99cbe4a3d10b20b62becaf2cf24

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our <a href='http://www.redhat.com/en/about/privacy-policy' class='privacy-policy'>Privacy Statement</a> effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter