exploitDog

CVE-2021-40085

Published: 31 Aug 2021
Source: redhat
CVSS3: 7.6
EPSS: Low

Description

An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.

An input-validation flaw was found in openstack-neutron, where an authenticated attacker could change the dnsmasq configuration. By crafting extra_dhcp_opts values, the attacker could crash dnsmasq, change parameters for tenants sharing the same interface, or otherwise alter that daemon’s behavior. This flaw might also be used to trigger a configuration parsing buffer overflow in versions of dnsmasq prior to 2.81. The highest threat from this vulnerability is to system availability, but it also threatens data confidentiality and integrity.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Affected packages

| Platform | Package | State | Advisory | Release |
| --- | --- | --- | --- | --- |
| Red Hat Integration Camel K 1 | openstack-neutron | Not affected | | |
| Red Hat OpenStack Platform 10.0 (Newton) | openstack-neutron | Fixed | RHSA-2021:3502 | 13.09.2021 |
| Red Hat OpenStack Platform 13.0 - ELS | openstack-neutron | Fixed | RHSA-2021:3503 | 13.09.2021 |
| Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7.6 EUS | openstack-neutron | Fixed | RHSA-2021:3503 | 13.09.2021 |
| Red Hat OpenStack Platform 16.1 | openstack-neutron | Fixed | RHSA-2021:3481 | 09.09.2021 |
| Red Hat OpenStack Platform 16.2 | openstack-neutron | Fixed | RHSA-2021:3488 | 15.09.2021 |

Additional information

Status: Important
Defect: CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1998052 openstack-neutron: arbitrary dnsmasq reconfiguration via extra_dhcp_opts

EPSS

Percentile: 61%
0.00412
Low

7.6 High

CVSS3

Related vulnerabilities

CVSS3: 6.5
ubuntu
more than 4 years ago

An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.

CVSS3: 6.5
nvd
more than 4 years ago

An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.

CVSS3: 6.5
debian
more than 4 years ago

An issue was discovered in OpenStack Neutron before 16.4.1, 17.x befor ...

CVSS3: 6.5
github
more than 3 years ago

OpenStack Neutron vulnerable to authenticated attackers reconfiguring dnsmasq via crafted extra_dhcp_opts value
