Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
9.1
CVSSv3

CVE-2021-38598

Published: 23/08/2021 Updated: 08/08/2023
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

Vulnerability Summary

OpenStack Neutron prior to 16.4.1, 17.x prior to 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the hardware addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openstack neutron 18.0.0

openstack neutron

Vendor Advisories

Debian Security Advisories: DSA-4983-1 neutron -- security update
Pavel Toporkov discovered a vulnerability in Neutron, the OpenStack virtual network service, which allowed a reconfiguration of dnsmasq via crafted dhcp_extra_opts parameters For the oldstable distribution (buster), this problem has been fixed in version 2:1307+git20210927bace3d1890-0+deb10u1 This update also fixes CVE-2021-20267 For the s ...
Red Hat: CVE-2021-38598
No description is available for this CVE ...

Mailing Lists

Full Disclosure: Re: [OSSA-2021-004] Neutron: Linuxbridge ARP filter bypass on Netfilter platforms (CVE-2021-38598)
On Tuesday 2021-08-17 17:17, Jeremy Stanley wrote: ip_tables is running atop the netfilter API, so it's not an ordered set with predecessors and successors ...
Full Disclosure: Re: [OSSA-2021-004] Neutron: Linuxbridge ARP filter bypass on Netfilter platforms (CVE-2021-38598)
On 2021-08-17 19:30:21 +0200 (+0200), Jan Engelhardt wrote: Yes, thanks It would have been more accurate to draw the comparison between ebtables and ebtables-nft, which is where the underlying problem arises I was trying not to get too into the weeds with technical detail for the general user audience, who may not be particularly aware of the n ...
Full Disclosure: [OSSA-2021-004] Neutron: Linuxbridge ARP filter bypass on Netfilter platforms (CVE-2021-38598)
=================================================================== OSSA-2021-004: Linuxbridge ARP filter bypass on Netfilter platforms =================================================================== :Date: August 17, 2021 :CVE: CVE-2021-38598 Affects ~~~~~~~ - Neutron: <1641, >=1700 <1713, ==1800 Description ~~~~~~~~~~~ J ...

References

CWE-290https://launchpad.net/bugs/1938670https://nvd.nist.govhttps://www.debian.org/security/2021/dsa-4983
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6267XML injectionCVE-2024-37673CVE-2024-6266CVE-2024-30078arbitrary CVE-2024-36886CVE-2024-5346template injection
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook