CVE-2018-14636
First published: Mon Sep 10 2018(Updated: )
Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3, 11.0.5 are vulnerable.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenStack Neutron | >=7.0.0<=11.0.4 | |
| OpenStack Neutron | >=12.0.0<=12.0.2 | |
| OpenStack Neutron | =13.0.0-b1 | |
| pip/neutron | >=11.0.0<11.0.5 | 11.0.5 |
| pip/neutron | >=12.0.0<12.0.3 | 12.0.3 |
| pip/neutron | =13.0.0.0b1 | 13.0.0.0b2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugs.launchpad.net/neutron/+bug/1734320
- https://bugs.launchpad.net/neutron/+bug/1767422
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14636
- https://nvd.nist.gov/vuln/detail/CVE-2018-14636
- https://github.com/advisories/GHSA-8q95-jj7p-x93x (Advisory)
- https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-94.yaml
Frequently Asked Questions
What is CVE-2018-14636?
CVE-2018-14636 is a vulnerability in OpenStack Neutron that allows live-migrated instances to inspect traffic for other instances on the same hypervisor.
What is the severity of CVE-2018-14636?
The severity of CVE-2018-14636 is medium, with a severity value of 5.3.
How can the brief window of traffic inspection be extended indefinitely in CVE-2018-14636?
The brief window of traffic inspection in CVE-2018-14636 can be extended indefinitely by setting the instance's port administratively down prior to live-migration and keeping it down after the migration is complete.
Which versions of OpenStack Neutron are affected by CVE-2018-14636?
CVE-2018-14636 affects OpenStack Neutron versions between 7.0.0 and 11.0.4, between 12.0.0 and 12.0.2, and version 13.0.0-b1.
Where can I find more information about CVE-2018-14636?
More information about CVE-2018-14636 can be found at the following references: [Link 1](https://bugs.launchpad.net/neutron/+bug/1734320), [Link 2](https://bugs.launchpad.net/neutron/+bug/1767422), [Link 3](https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14636)
- collector/nvd-index
- agent/type
- agent/weakness
- agent/severity
- agent/description
- agent/softwarecombine
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/first-publish-date
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-8q95-jj7p-x93x
- alias/CVE-2018-14636
- agent/references
- agent/last-modified-date
- agent/tags
- collector/github-advisory
- agent/trending
- vendor/openstack
- canonical/openstack neutron
- version/openstack neutron/7.0.0
- version/openstack neutron/11.0.4
- version/openstack neutron/12.0.0
- version/openstack neutron/12.0.2
- version/openstack neutron/13.0.0-b1
- package-manager/pip