{"id":"USN-6067-1","summary":"neutron vulnerabilities","details":"David Sinquin discovered that OpenStack Neutron incorrectly handled the\ndefault Open vSwitch firewall rules. An attacker could possibly use this\nissue to impersonate the IPv6 addresses of other systems on the network.\nThis issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.\n(CVE-2021-20267)\n\nJake Yip and Justin Mammarella discovered that OpenStack Neutron\nincorrectly handled the linuxbridge driver when ebtables-nft is being\nused. An attacker could possibly use this issue to impersonate the hardware\naddresss of other systems on the network. This issue only affected Ubuntu\n18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-38598)\n\nPavel Toporkov discovered that OpenStack Neutron incorrectly handled\nextra_dhcp_opts values. An attacker could possibly use this issue to\nreconfigure dnsmasq. This issue only affected Ubuntu 18.04 LTS, and Ubuntu\n20.04 LTS. (CVE-2021-40085)\n\nSlawek Kaplonski discovered that OpenStack Neutron incorrectly handled the\nroutes middleware. An attacker could possibly use this issue to cause the\nAPI worker to consume memory, leading to a denial of service. This issue\nonly affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40797)\n\nIt was discovered that OpenStack Neutron incorrectly handled certain\nqueries. A remote authenticated user could possibly use this issue to cause\nresource consumption, leading to a denial of service. (CVE-2022-3277)\n","modified":"2026-02-10T04:43:07Z","published":"2023-05-10T11:30:08Z","related":["UBUNTU-CVE-2021-20267","UBUNTU-CVE-2021-38598","UBUNTU-CVE-2021-40085","UBUNTU-CVE-2021-40797","UBUNTU-CVE-2022-3277"],"upstream":["CVE-2021-20267","CVE-2021-38598","CVE-2021-40085","CVE-2021-40797","CVE-2022-3277","UBUNTU-CVE-2021-20267","UBUNTU-CVE-2021-38598","UBUNTU-CVE-2021-40085","UBUNTU-CVE-2021-40797","UBUNTU-CVE-2022-3277"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6067-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-20267"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-38598"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-40085"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-40797"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3277"}],"affected":[{"package":{"name":"neutron","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/neutron@2:12.1.1-0ubuntu8.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:12.1.1-0ubuntu8.1"}]}],"versions":["2:11.0.1-0ubuntu1","2:12.0.0~b1-0ubuntu1","2:12.0.0~b1-0ubuntu2","2:12.0.0~b2-0ubuntu1","2:12.0.0~b3-0ubuntu1","2:12.0.0~rc1-0ubuntu1","2:12.0.0~rc2-0ubuntu1","2:12.0.0-0ubuntu1","2:12.0.0-0ubuntu1.1","2:12.0.0-0ubuntu1.2","2:12.0.0-0ubuntu1.3","2:12.0.0-0ubuntu1.4","2:12.0.0-0ubuntu2","2:12.0.0-0ubuntu3","2:12.0.1-0ubuntu1","2:12.0.1-0ubuntu1.1","2:12.0.2-0ubuntu1","2:12.0.3-0ubuntu1","2:12.0.5-0ubuntu1","2:12.0.5-0ubuntu4","2:12.0.5-0ubuntu5","2:12.0.6-0ubuntu1","2:12.0.6-0ubuntu2","2:12.0.6-0ubuntu3","2:12.1.0-0ubuntu1","2:12.1.1-0ubuntu1","2:12.1.1-0ubuntu2","2:12.1.1-0ubuntu3","2:12.1.1-0ubuntu4","2:12.1.1-0ubuntu7","2:12.1.1-0ubuntu8"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"neutron-common","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-dhcp-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-l3-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-linuxbridge-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-macvtap-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-metadata-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-metering-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-openvswitch-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-plugin-linuxbridge-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-plugin-ml2","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-plugin-openvswitch-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-plugin-sriov-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-server","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"neutron-sriov-agent","binary_version":"2:12.1.1-0ubuntu8.1"},{"binary_name":"python-neutron","binary_version":"2:12.1.1-0ubuntu8.1"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2021-20267","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-38598","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-40085","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-40797","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-3277","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6067-1.json"}},{"package":{"name":"neutron","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/neutron@2:16.4.2-0ubuntu6.2?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:16.4.2-0ubuntu6.2"}]}],"versions":["2:15.0.0-0ubuntu1","2:16.0.0~b1~git2019121613.3e8abb9a8f-0ubuntu1","2:16.0.0~b2~git2020020712.d5b33ffc77-0ubuntu1","2:16.0.0~b2~git2020020712.d5b33ffc77-0ubuntu3","2:16.0.0~b3~git2020032420.a0e1b5804e-0ubuntu1","2:16.0.0~b3~git2020032420.a0e1b5804e-0ubuntu2","2:16.0.0~b3~git2020032420.a0e1b5804e-0ubuntu3","2:16.0.0~b3~git2020032420.a0e1b5804e-0ubuntu4","2:16.0.0~b3~git2020041013.e74c8f8c88-0ubuntu1","2:16.0.0~b3~git2020041516.5f42488a9a-0ubuntu1","2:16.0.0~b3~git2020041516.5f42488a9a-0ubuntu2","2:16.0.0-0ubuntu0.20.04.1","2:16.0.0-0ubuntu0.20.04.2","2:16.1.0-0ubuntu1","2:16.1.0-0ubuntu2","2:16.2.0-0ubuntu1","2:16.2.0-0ubuntu2","2:16.2.0-0ubuntu3","2:16.3.0-0ubuntu3","2:16.3.1-0ubuntu1","2:16.3.1-0ubuntu1.1","2:16.3.2-0ubuntu2","2:16.3.2-0ubuntu3","2:16.4.0-0ubuntu2","2:16.4.0-0ubuntu3","2:16.4.1-0ubuntu2","2:16.4.2-0ubuntu1","2:16.4.2-0ubuntu2","2:16.4.2-0ubuntu3","2:16.4.2-0ubuntu4","2:16.4.2-0ubuntu5","2:16.4.2-0ubuntu6","2:16.4.2-0ubuntu6.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"neutron-common","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-dhcp-agent","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-l3-agent","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-linuxbridge-agent","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-macvtap-agent","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-metadata-agent","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-metering-agent","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-openvswitch-agent","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-ovn-metadata-agent","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-plugin-ml2","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-server","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"neutron-sriov-agent","binary_version":"2:16.4.2-0ubuntu6.2"},{"binary_name":"python3-neutron","binary_version":"2:16.4.2-0ubuntu6.2"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"id":"CVE-2021-20267","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-38598","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-40085","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2021-40797","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-3277","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6067-1.json"}},{"package":{"name":"neutron","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/neutron@2:20.3.0-0ubuntu1.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:20.3.0-0ubuntu1.1"}]}],"versions":["2:19.0.0-0ubuntu1","2:19.1.0+git2022030313.b072cbf05f-0ubuntu1","2:20.0.0-0ubuntu1","2:20.0.0-0ubuntu2","2:20.0.0-0ubuntu3","2:20.1.0-0ubuntu2","2:20.2.0-0ubuntu1","2:20.3.0-0ubuntu1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"neutron-common","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-dhcp-agent","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-l3-agent","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-linuxbridge-agent","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-macvtap-agent","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-metadata-agent","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-metering-agent","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-openvswitch-agent","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-ovn-metadata-agent","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-plugin-ml2","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-server","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"neutron-sriov-agent","binary_version":"2:20.3.0-0ubuntu1.1"},{"binary_name":"python3-neutron","binary_version":"2:20.3.0-0ubuntu1.1"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2022-3277","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6067-1.json"}}],"schema_version":"1.7.3"}