CVE-2014-4167

OpenStack Neutron <2013.2.4, 2014.x <2014.1.2, Juno-2 - DoS

Title source: llm

Description

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.

References (4)

[Mailing List, Third Party Advisory] http://seclists.org/oss-sec/2014/q2/572

[Permissions Required] http://secunia.com/advisories/59533

[Third Party Advisory] http://www.ubuntu.com/usn/USN-2255-1

[Issue Tracking, Vendor Advisory] https://bugs.launchpad.net/neutron/+bug/1309195

Scores

EPSS 0.0056

EPSS Percentile 67.9%

Classification

CWE

CWE-264

Status draft

Affected Products (5)

openstack/neutron < 2013.2.3

openstack/neutron

canonical/ubuntu_linux

Timeline

Published Jul 11, 2014

Tracked Since Feb 18, 2026