CVE-2022-37394

openstack-nova: Compute service fails to restart if the vnic_type of a bound port changed from direct to macvtap

Severity Score

3.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.

Se ha detectado un problema en OpenStack Nova versiones anteriores a 23.2.2, 24.x anteriores a 24.1.2 y 25.x anteriores a 25.0.2. Al crear un puerto de neutrones con el vnic_type directo, crear una instancia vinculada a ese puerto y luego cambiar el vnic_type del puerto vinculado a macvtap, un usuario autenticado puede causar que el servicio de computación no sea reiniciado, resultando en una posible denegación de servicio. Sólo están afectadas las implantaciones de Nova configuradas con SR-IOV

*Credits: N/A

CVSS Scores

NISTv3.1 3.3

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-08-03 CVE Reserved
2022-08-03 CVE Published
2024-08-03 CVE Updated
2024-08-03 First Exploit
2024-10-25 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (5)

URL	Tag	Source
https://review.opendev.org/c/openstack/nova/+/850003	Third Party Advisory

URL	Date	SRC
https://bugs.launchpad.net/ossa/+bug/1981813	2024-08-03

URL	Date	SRC
https://review.opendev.org/c/openstack/nova/+/849985	2022-08-10

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2022-37394	2023-04-26
https://bugzilla.redhat.com/show_bug.cgi?id=2117333	2023-04-26

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Openstack Search vendor "Openstack"		Nova Search vendor "Openstack" for product "Nova"				< 23.2.2 Search vendor "Openstack" for product "Nova" and version " < 23.2.2"		-		Affected
Openstack Search vendor "Openstack"		Nova Search vendor "Openstack" for product "Nova"				>= 24.0.0 < 24.1.2 Search vendor "Openstack" for product "Nova" and version " >= 24.0.0 < 24.1.2"		-		Affected
Openstack Search vendor "Openstack"		Nova Search vendor "Openstack" for product "Nova"				>= 25.0.0 < 25.0.2 Search vendor "Openstack" for product "Nova" and version " >= 25.0.0 < 25.0.2"		-		Affected