CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-10876 – openstack-neutron: DOS via broken port range merging in security group
https://notcve.org/view.php?id=CVE-2019-10876
An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected. Se ha descubierto un problema en OpenStack Neutron, en las versiones 11.x anteriores a la 11.0.7, en las 12.x anteriores a la 12.0.6 y en las 13.x anteriores a la 13.0.3. Al crear dos grupos de seguridad con rangos de puertos separados/solapados, un usuario autenticado podría impedir que Neutron sea capaz de configurar las redes en cualquier nodo de cálculo donde se encuentran dichos grupos de seguridad, debido a un error de claves en el firewall de Open vSwitch (OVS). • http://www.openwall.com/lists/oss-security/2019/04/09/2 https://access.redhat.com/errata/RHSA-2019:0879 https://access.redhat.com/errata/RHSA-2019:0935 https://bugs.launchpad.net/ossa/+bug/1813007 https://review.openstack.org/#/q/topic:bug/1813007 https://security.openstack.org/ossa/OSSA-2019-002.html https://access.redhat.com/security/cve/CVE-2019-10876 https://bugzilla.redhat.com/show_bug.cgi?id=1695883 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-16856 – openstack-octavia: Private keys written to world-readable log files
https://notcve.org/view.php?id=CVE-2018-16856
In a default Red Hat Openstack Platform Director installation, openstack-octavia before versions openstack-octavia 2.0.2-5 and openstack-octavia-3.0.1-0.20181009115732 creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure. En una instalación de Red Hat Openstack Platform Director por defecto, openstack-octavia en versiones anteriores a la 2.0.2-5 y openstack-octavia-3.0.1-0.20181009115732 crean archivos de registro que pueden ser leídos por todos los usuarios. La información sensible, como las claves privadas, puede aparecer en estos archivos, lo que permite la exposición de información. In a default Red Hat Openstack Platform Director installation, openstack-octavia creates log files that are readable by all users. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16856 https://access.redhat.com/security/cve/CVE-2018-16856 https://bugzilla.redhat.com/show_bug.cgi?id=1649165 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 1CVE-2019-9735 – openstack-neutron: incorrect validation of port settings in iptables security group driver
https://notcve.org/view.php?id=CVE-2019-9735
An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security group rules for instances from any project/tenant on the compute hosts to which it's applied. (Only deployments using the iptables security group driver are affected.) Se ha detectado un fallo en el módulo de firewall iptables en OpenStack Neutron en versiones anteriores a la 10.0.8, en las 11.x anteriores a la 11.0.7, en las 12.x anteriores a la 12.0.6 y en las 13.x anteriores a la 13.0.3. Al establecer un puerto de destino en una regla de grupo de seguridad, junto con un protocolo que no soporta dicha opción (p.ej., VRRP), un usuario autenticado podría bloquear la mayor aplicación de esas reglas de grupo de seguridad para instancias desde cualquier project/tenant en los hosts de computación a los cuales se aplican. • http://www.openwall.com/lists/oss-security/2019/03/18/2 http://www.securityfocus.com/bid/107390 https://access.redhat.com/errata/RHSA-2019:0879 https://access.redhat.com/errata/RHSA-2019:0916 https://access.redhat.com/errata/RHSA-2019:0935 https://launchpad.net/bugs/1818385 https://seclists.org/bugtraq/2019/Mar/24 https://security.openstack.org/ossa/OSSA-2019-001.html https://usn.ubuntu.com/4036-1 https://www.debian.org/security/2019/dsa-4409 https://a • CWE-20: Improper Input Validation CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-18438
https://notcve.org/view.php?id=CVE-2018-18438
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. Qemu tiene desbordamientos de enteros debido a que IOReadHandler y sus funciones asociadas emplean un tipo de datos de enteros firmados para un valor tamaño. • http://www.openwall.com/lists/oss-security/2018/10/17/3 http://www.securityfocus.com/bid/105953 https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02396.html https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02402.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 0CVE-2018-17963 – QEMU: net: ignore packets with large size
https://notcve.org/view.php?id=CVE-2018-17963
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. qemu_deliver_packet_iov en net/net.c en Qemu acepta tamaños de paquetes mayores a INT_MAX, lo que permite que los atacantes provoquen una denegación de servicio (DoS) o tengan otro tipo de impacto sin especificar. A potential integer overflow issue was found in the networking back-end of QEMU. It could occur while receiving packets, because it accepted packets with large size value. Such overflow could lead to OOB buffer access issue. A user inside guest could use this flaw to crash the QEMU process resulting in DoS. • http://www.openwall.com/lists/oss-security/2018/10/08/1 https://access.redhat.com/errata/RHSA-2019:2166 https://access.redhat.com/errata/RHSA-2019:2425 https://access.redhat.com/errata/RHSA-2019:2553 https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg06054.html https://usn.ubuntu.com/3826-1 https://www.debian.org/securi • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •