======================================================================

                                   CERT-Renater

                          Note d'Information No. 2024/VULN513
_____________________________________________________________________

DATE                : 04/12/2024

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Neutron versions prior to
                                23.2.1, 24.0.2, 25.0.1.

=====================================================================
https://security.openstack.org/ossa/OSSA-2024-005.html
_____________________________________________________________________

OSSA-2024-005: Authorization bypassed when setting tags on Neutron
networks

Date:

      December 03, 2024
CVE:

      CVE-2024-53916

Affects

      Neutron: >=23.0.0 <23.2.1, >=24.0.0 <24.0.2, >=25.0.0 <25.0.1

Description

Tore Anderson of Redpill Linpro AS discovered that Neutron does
not apply the proper policy check when changing network tags. An
unprivileged tenant is able to change (add and clear) tags on
network objects that do not belong to the tenant, because this
action is not subjected to the proper policy authorization
check.
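
As an added illustration (not Neutron's code and not part of the
original advisory), the following Python model shows how an
authorization bypass of this shape arises: a handler for a
sub-resource operation (here, adding or clearing tags on a network)
evaluates an admin-or-owner policy rule against a target built from
the caller's own project instead of the parent network's owner, so
the "owner" test always passes. The fixed variant supplies the parent
network's project_id as the policy target. The class names, the
admin_or_owner rule and the sample networks and tenants are
assumptions constructed for this example; the advisory does not
describe Neutron's internal cause.

```python
"""Hypothetical model of the authorization gap described in OSSA-2024-005
(CVE-2024-53916): a tag operation on a network whose policy check is
evaluated against the wrong target.  Added illustration for the advisory,
not Neutron's code; class and rule names are assumptions (loosely
patterned on an oslo.policy-style 'admin_or_owner' rule)."""
from dataclasses import dataclass, field


class Forbidden(Exception):
    """Policy denied the request (a real API would answer HTTP 403/404)."""


@dataclass
class Context:
    """The requesting identity, as a request context carries it."""
    project_id: str
    is_admin: bool = False


@dataclass
class Network:
    """Minimal network object: an owner project and a set of tags."""
    id: str
    project_id: str
    tags: set = field(default_factory=set)


def admin_or_owner(ctx: Context, target: dict) -> bool:
    """Policy rule: admins pass; everyone else must own the *target*."""
    return ctx.is_admin or target.get("project_id") == ctx.project_id


class VulnerableTagService:
    """Tag handler whose policy target is built from the request alone.

    The parent network's owner never reaches the rule, so the owner
    test compares the caller with itself and trivially succeeds."""

    def __init__(self, networks):
        self.networks = {n.id: n for n in networks}

    def policy_target(self, ctx: Context, net: Network) -> dict:
        # BUG: the target carries the caller's project_id, not the network's.
        return {"project_id": ctx.project_id, "network_id": net.id}

    def _enforce(self, ctx: Context, net: Network) -> None:
        if not admin_or_owner(ctx, self.policy_target(ctx, net)):
            raise Forbidden(f"{ctx.project_id} may not modify tags on {net.id}")

    def add_tag(self, ctx: Context, network_id: str, tag: str) -> None:
        """Equivalent of PUT /v2.0/networks/{id}/tags/{tag}."""
        net = self.networks[network_id]
        self._enforce(ctx, net)
        net.tags.add(tag)

    def clear_tags(self, ctx: Context, network_id: str) -> None:
        """Equivalent of DELETE /v2.0/networks/{id}/tags."""
        net = self.networks[network_id]
        self._enforce(ctx, net)
        net.tags.clear()


class FixedTagService(VulnerableTagService):
    """Same handler; the policy target now names the parent network's owner."""

    def policy_target(self, ctx: Context, net: Network) -> dict:
        return {"project_id": net.project_id, "network_id": net.id}


def probe(service_cls) -> dict:
    """Run the advisory's scenario against a service class and report which
    operations each caller could perform.  All data here is constructed."""
    victim = Network("net-a", "project-a", {"prod", "pci"})
    svc = service_cls([victim])
    attacker = Context("project-b")            # unprivileged, foreign tenant
    owner = Context("project-a")
    admin = Context("project-admin", is_admin=True)
    attempts = [
        ("foreign_add", lambda: svc.add_tag(attacker, "net-a", "evil")),
        ("foreign_clear", lambda: svc.clear_tags(attacker, "net-a")),
        ("owner_add", lambda: svc.add_tag(owner, "net-a", "ok")),
        ("admin_add", lambda: svc.add_tag(admin, "net-a", "audited")),
    ]
    results = {}
    for name, fn in attempts:
        try:
            fn()
            results[name] = "allowed"
        except Forbidden:
            results[name] = "denied"
    results["tags"] = sorted(victim.tags)   # what survives on the network
    return results


if __name__ == "__main__":
    for cls in (VulnerableTagService, FixedTagService):
        print(cls.__name__, probe(cls))
```

Against the vulnerable service the foreign tenant both adds a tag and
wipes the owner's existing tags; against the fixed service those two
calls are denied while the owner and the admin still succeed. To check
a live deployment rather than the model, authenticate as a non-admin
user of one project and run `openstack network set --tag probe <uuid>`
against a network UUID owned by another project: a patched Neutron
refuses the request instead of applying the tag, which the owner can
confirm with `openstack network show -c tags <uuid>`.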


Patches

      https://review.opendev.org/c/openstack/neutron/+/936849 (2023.2/bobcat)

      https://review.opendev.org/c/openstack/neutron/+/936846 (2024.1/caracal)

      https://review.opendev.org/c/openstack/neutron/+/936843 (2024.2/dalmatian)

      https://review.opendev.org/c/openstack/neutron/+/935883 (2025.1/epoxy)


Credits

      Tore Anderson from Redpill Linpro AS (CVE-2024-53916)


References

      https://launchpad.net/bugs/2088986

      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53916



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
