=====================================================================

                             CERT-Renater

                 Note d'Information No. 2021/VULN405
_____________________________________________________________________

DATE                : 19/08/2021

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running OpenStack Neutron versions prior
                          to 16.4.1, 17.x prior to 17.1.3 and 18.0.0.

=====================================================================
https://security.openstack.org/ossa/OSSA-2021-004.html
_____________________________________________________________________

OSSA-2021-004: Linuxbridge ARP filter bypass on Netfilter platforms


Date

    August 17, 2021
CVE

    CVE-2021-38598

Affects

    Neutron: <16.4.1, >=17.0.0 <17.1.3, ==18.0.0

Description

Jake Yip with ARDC and Justin Mammarella with the University of
Melbourne reported a vulnerability in Neutron’s linuxbridge driver on
newer Netfilter-based platforms (the successor to IPTables). By sending
carefully crafted packets, anyone in control of a server instance
connected to the virtual switch can impersonate the hardware addresses
of other systems on the network, resulting in denial of service or in
some cases possibly interception of traffic intended for other
destinations. Only deployments using the linuxbridge driver with
ebtables-nft are affected.


Patches

    https://review.opendev.org/804058 (Train)

    https://review.opendev.org/804057 (Ussuri)

    https://review.opendev.org/804056 (Victoria)

    https://review.opendev.org/785917 (Wallaby)

    https://review.opendev.org/785177 (Xena)


Credits

    Jake Yip from ARDC (CVE-2021-38598)

    Justin Mammarella from University of Melbourne (CVE-2021-38598)


References

    https://launchpad.net/bugs/1938670

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38598


Notes

    The stable/train branch is under extended maintenance and will
receive no new point releases, but a patch for it is provided as a
courtesy.



=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================