[OSSA-2021-005] Neutron: Arbitrary dnsmasq reconfiguration via extra_dhcp_opts (CVE-2021-40085)

Related Vulnerabilities: CVE-2021-40085

From: Jeremy Stanley <fungi () yuggoth org>

Date: Tue, 31 Aug 2021 15:00:38 +0000

====================================================================
OSSA-2021-005: Arbitrary dnsmasq reconfiguration via extra_dhcp_opts
====================================================================

:Date: August 31, 2021
:CVE: CVE-2021-40085

Affects
~~~~~~~
- Neutron: <16.4.1, >=17.0.0 <17.2.1, >=18.0.0 <18.1.1

Description
~~~~~~~~~~~
Pavel Toporkov reported a vulnerability in Neutron. By supplying a
specially crafted extra_dhcp_opts value, an authenticated user may add
arbitrary configuration to the dnsmasq process in order to crash the
service, change parameters for other tenants sharing the same
interface, or otherwise alter that daemon's behavior. This
vulnerability may also be used to trigger a configuration parsing
buffer overflow in versions of dnsmasq prior to 2.81, which could lead
to remote code execution. All Neutron deployments are affected.

Patches
~~~~~~~
- https://review.opendev.org/806750 (Ussuri)
- https://review.opendev.org/806749 (Victoria)
- https://review.opendev.org/806748 (Wallaby)
- https://review.opendev.org/806746 (Xena)

Credits
~~~~~~~
- Pavel Toporkov (CVE-2021-40085)

References
~~~~~~~~~~
- https://launchpad.net/bugs/1939733
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40085

-- 
Jeremy Stanley
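
An added example, not part of the advisory or of Neutron's code: a triage check that applies the "Affects" ranges and the dnsmasq 2.81 threshold from the description to an inventory of installed versions. The function names and the sample inventory are constructed for illustration, and the parser assumes only the leading numeric part of a version string matters.

```python
import re

# Ranges and the dnsmasq threshold are copied from the advisory text.
# Each entry: (inclusive lower bound or None, first fixed release).
AFFECTED_NEUTRON = [
    (None, (16, 4, 1)),          # <16.4.1
    ((17, 0, 0), (17, 2, 1)),    # >=17.0.0 <17.2.1
    ((18, 0, 0), (18, 1, 1)),    # >=18.0.0 <18.1.1
]
DNSMASQ_FIXED = (2, 81, 0)       # parsing overflow: dnsmasq prior to 2.81


def parse_version(text):
    """Return the leading dotted-numeric part as a tuple of at least 3 ints.

    Assumption of this example: a package epoch ("2:") and any suffix
    ("-0ubuntu1", ".dev3") are ignored, so pre-release builds and distro
    backports of the patch still need a manual check.
    """
    m = re.match(r"(?:\d+:)?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))   # "17" compares as 17.0.0


def neutron_status(version):
    """Return (affected, first_fixed_release) for an upstream Neutron version."""
    v = parse_version(version)
    for low, fixed in AFFECTED_NEUTRON:
        if (low is None or v >= low) and v < fixed:
            return True, ".".join(map(str, fixed))
    return False, None


def assess(neutron_version, dnsmasq_version):
    """Map both versions to the impact levels the advisory describes."""
    affected, fixed = neutron_status(neutron_version)
    if not affected:
        impact = "not affected"
    elif parse_version(dnsmasq_version) < DNSMASQ_FIXED:
        impact = "dnsmasq reconfiguration, possible code execution"
    else:
        impact = "dnsmasq reconfiguration"
    return {"affected": affected, "upgrade_to": fixed, "impact": impact}


if __name__ == "__main__":
    # Constructed sample inventory: (host, neutron version, dnsmasq version).
    for host, n, d in [("net-1", "16.3.2", "2.80-1ubuntu1"), ("net-2", "17.2.1", "2.80")]:
        print(host, assess(n, d))
```

A result of "not affected" reflects upstream release numbers only; the Neutron upgrade is the fix in every affected case, and a newer dnsmasq removes only the overflow path.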