redhat openstack platform 16.1 vulnerabilities and exploits

(subscribe to this query)

A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines.

Redhat Openstack Platform 15.0 Redhat Openstack Platform 16.0 Redhat Openstack Platform 16.1

1 Article

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols ...

Cloudbase Open Vswitch 3.1.0 Cloudbase Open Vswitch Debian Debian Linux 11.0 Redhat Virtualization 4.0 Redhat Openshift Container Platform 4.0 Redhat Openstack Platform 16.1 Redhat Openstack Platform 16.2 Redhat Openstack Platform 17.0 Redhat Fast Datapath -

An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete p...

Openstack Barbican Redhat Openstack Platform 16.1 Redhat Openstack Platform 13.0 Redhat Openstack Platform 16.2

A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integri...

Openstack Keystone Debian Debian Linux 10.0 Debian Debian Linux 11.0 Redhat Openstack Platform 16.1 Redhat Openstack Platform 13.0 Redhat Openstack Platform 10.0 Redhat Openstack Platform 16.2

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial o...

Openstack Neutron 18.0.0 Openstack Neutron Redhat Openstack Platform 16.1 Redhat Openstack Platform 13.0 Redhat Openstack Platform 10.0 Redhat Openstack Platform 16.2

A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected...

Openstack Keystone -Redhat Storage 3.0 Redhat Quay 3.0.0 Redhat Openstack Platform 16.1 Redhat Openstack Platform 16.2

A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confi...

Redhat Openstack -

An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were...

Redhat Openstack Platform 16.1 Redhat Openstack Platform 13.0 Redhat Openstack Platform 16.2 Openstack Neutron

An improper authorization flaw exists in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation. A non-root attacker in one or more Red Hat OpenStack (RHOSP) containers could send messages to the dbus. With acces...

Redhat Openstack-selinux Redhat Openstack Platform 16.1 Redhat Openstack Platform 15.0

1 2 3 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook