CVE-2017-5936

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-5936

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5936.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-5936

Aliases

Downstream

UBUNTU-CVE-2017-5936

USN-3195-1

Published

2017-04-12T22:59:00.740Z

Modified

2025-12-11T01:55:32.240053Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions.

References

Affected packages

Git / github.com/openstack-archive/nova-lxd

Affected ranges

Type: GIT
Repo: https://github.com/openstack-archive/nova-lxd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1b76cefb92081efa1e88cd8f330253f857028bd2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5936.json"

Git / github.com/openstack/nova-lxd

Affected ranges

Type: GIT
Repo: https://github.com/openstack/nova-lxd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5936.json"