CVE-2017-5936

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-5936

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5936.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-5936

Aliases

Related

Published

2017-04-12T22:59:00Z

Modified

2025-01-15T00:01:33Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions.

References

Affected packages

Git / github.com/openstack-archive/nova-lxd

Affected ranges

Type: GIT
Repo: https://github.com/openstack-archive/nova-lxd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1b76cefb92081efa1e88cd8f330253f857028bd2

Fixed

1b76cefb92081efa1e88cd8f330253f857028bd2

Type: GIT
Repo: https://github.com/openstack/nova-lxd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0355e1c22bc93d05f4351b7a77cb70f563e1f8b0