The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_name": "neutron-bgp-dragent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-common", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-dhcp-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-l3-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-linuxbridge-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-macvtap-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-metadata-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-metering-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-openvswitch-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-plugin-linuxbridge-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-plugin-ml2", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-plugin-openvswitch-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-plugin-sriov-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-server", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "neutron-sriov-agent", "binary_version": "2:8.4.0-0ubuntu4" }, { "binary_name": "python-neutron", "binary_version": "2:8.4.0-0ubuntu4" } ] }