DEBIAN-CVE-2022-37394

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2022-37394

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-37394.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-37394

Upstream

CVE-2022-37394

Published

2022-08-03T07:15:07Z

Modified

2025-09-25T07:41:26.702237Z

Summary

[none]

Details

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnictype, creating an instance bound to that port, and then changing the vnictype of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.

References

https://security-tracker.debian.org/tracker/CVE-2022-37394

Affected packages

Debian:11 / nova

Package

Name: nova
Purl: pkg:deb/debian/nova?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2:22.*

2:22.0.1-2

2:22.0.1-2+deb11u1

2:22.4.0-1~deb11u5

2:23.*

2:23.0.0~rc1-1

2:23.0.0-1

2:23.0.1-1

2:23.0.2-1

2:23.0.2-3

2:24.*

2:24.0.0~rc1-1

2:24.0.0~rc1-2

2:24.0.0~rc1-3

2:24.0.0~rc1-4

2:24.0.0-1

2:24.0.0-2

2:25.*

2:25.0.0~rc1-1

2:25.0.0~rc1-2

2:25.0.0-1

2:25.0.0-2

2:25.0.0-3

2:25.0.0-4

2:25.0.0-5

2:25.0.0-6

2:25.0.1-1

2:25.0.1-2

2:25.0.1-3

2:26.*

2:26.0.0~rc1-1

2:26.0.0~rc1-2

2:26.0.0~rc1-3

2:26.0.0-1

2:26.0.0-1.1

2:26.0.0-2

2:26.0.0-4

2:26.0.0-5

2:26.0.0-6

2:26.1.0-1

2:26.1.0-2

2:26.1.0-4

2:26.2.2-1~deb12u3

2:27.*

2:27.0.0~rc1-1

2:27.0.0-1

2:27.0.0-2

2:27.0.0-3

2:27.0.0-4

2:27.0.0-5

2:27.0.0-6

2:28.*

2:28.0.0~rc1-1

2:28.0.0-1

2:28.0.0-2

2:29.*

2:29.0.0~rc1-1

2:29.0.1-1

2:29.0.1-2

2:29.0.1-3

2:29.0.1-4

2:29.0.1-5

2:29.0.1-6

2:29.0.2-1

2:29.0.2-2

2:29.0.2-4

2:30.*

2:30.0.0~rc1-1

2:30.0.0-1

2:30.0.0-2

2:30.0.0-3

2:30.0.0-4

2:30.0.0-5

2:30.0.0-6

2:30.0.0-7

2:30.0.0-8

2:31.*

2:31.0.0~rc1-1

2:31.0.0~rc1-2

2:31.0.0-1

2:31.0.0-2

2:31.0.0-3

2:31.0.0-4

2:31.0.0-5

2:31.0.0-6

2:31.0.0-7

2:32.*

2:32.0.0~rc1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / nova

Package

Name: nova
Purl: pkg:deb/debian/nova?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:26.0.0~rc1-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / nova

Package

Name: nova
Purl: pkg:deb/debian/nova?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:26.0.0~rc1-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / nova

Package

Name: nova
Purl: pkg:deb/debian/nova?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:26.0.0~rc1-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}