What is the vulnerability ID for this OpenStack Neutron vulnerability?

The vulnerability ID for this OpenStack Neutron vulnerability is USN-4036-1.

What is the impact of this vulnerability?

An authenticated attacker could use this vulnerability to block further application of security group rules for other instances.

How can I check if I am affected by this vulnerability?

You can check if you are affected by this vulnerability by verifying the version of the affected software on your Ubuntu system.

How do I fix this vulnerability?

To fix this vulnerability, update the affected packages to the specified versions available from the Ubuntu repositories.

Where can I find more information about this vulnerability?

More information about this vulnerability can be found on the Ubuntu security advisory page and the launchpad.net links provided in the references.

Vulnerability/
USN-4036-1

25/6/2019

USN-4036-1: OpenStack Neutron vulnerability

First published: Tue Jun 25 2019(Updated: )

Erik Olof Gunnar Andersson discovered that OpenStack Neutron incorrectly handled certain security group rules in the iptables firewall module. An authenticated attacker could possibly use this issue to block further application of security group rules for other instances.

Affected Software	Affected Version	How to fix
All of
ubuntu/python-neutron	<2:13.0.2-0ubuntu3.4	2:13.0.2-0ubuntu3.4
Ubuntu Ubuntu	=18.10
All of
ubuntu/python3-neutron	<2:13.0.2-0ubuntu3.4	2:13.0.2-0ubuntu3.4
Ubuntu Ubuntu	=18.10
All of
ubuntu/python-neutron	<2:8.4.0-0ubuntu7.4	2:8.4.0-0ubuntu7.4
Ubuntu Ubuntu	=16.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2019-9735

Frequently Asked Questions

What is the vulnerability ID for this OpenStack Neutron vulnerability?
The vulnerability ID for this OpenStack Neutron vulnerability is USN-4036-1.
What is the impact of this vulnerability?
An authenticated attacker could use this vulnerability to block further application of security group rules for other instances.
How can I check if I am affected by this vulnerability?
You can check if you are affected by this vulnerability by verifying the version of the affected software on your Ubuntu system.
How do I fix this vulnerability?
To fix this vulnerability, update the affected packages to the specified versions available from the Ubuntu repositories.
Where can I find more information about this vulnerability?
More information about this vulnerability can be found on the Ubuntu security advisory page and the launchpad.net links provided in the references.

agent/references
agent/severity
agent/type
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/title
agent/event
agent/tags
agent/description
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/trending
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/18.10
version/ubuntu ubuntu/16.04

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.