Linux Distros Unpatched Vulnerability : CVE-2021-38598

🗓️ 27 Aug 2025 00:00:00Reported by TenableType

OpenStack Neutron versions before 16.4.1, 17.x before 17.1.3, and 18.0.0 expose hardware address impersonation.

Reporter	Title	Published	Views	Family All 31
Circl	CVE-2021-38598	23 Aug 202112:22	–	circl
CNNVD	OpenStack Neutron 安全漏洞	17 Aug 202100:00	–	cnnvd
CVE	CVE-2021-38598	23 Aug 202104:17	–	cve
Cvelist	CVE-2021-38598	23 Aug 202104:17	–	cvelist
Debian	[SECURITY] [DSA 4983-1] neutron security update	10 Oct 202118:06	–	debian
Debian CVE	CVE-2021-38598	23 Aug 202104:17	–	debiancve
Tenable Nessus	Debian DSA-4983-1 : neutron - security update	11 Oct 202100:00	–	nessus
Tenable Nessus	Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : OpenStack Neutron vulnerabilities (USN-6067-1)	13 May 202300:00	–	nessus
EUVD	EUVD-2021-0144	7 Oct 202500:30	–	euvd
Github Security Blog	OpenStack Neutron vulnerable to hardware address impersonation	24 May 202219:11	–	github

Source	Link
ubuntu	www.ubuntu.com/security/CVE-2021-38598
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(257801);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/08/27");

  script_cve_id("CVE-2021-38598");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2021-38598");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when
    the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully
    crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate
    the hardware addresses of other systems on the network, resulting in denial of service or in some cases
    possibly interception of traffic intended for other destinations. (CVE-2021-38598)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2021-38598");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-38598");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/08/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:neutron");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-16.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "neutron-bgp-dragent"},
          {"reference": "neutron-common"},
          {"reference": "neutron-dhcp-agent"},
          {"reference": "neutron-l3-agent"},
          {"reference": "neutron-linuxbridge-agent"},
          {"reference": "neutron-macvtap-agent"},
          {"reference": "neutron-metadata-agent"},
          {"reference": "neutron-metering-agent"},
          {"reference": "neutron-openvswitch-agent"},
          {"reference": "neutron-plugin-linuxbridge-agent"},
          {"reference": "neutron-plugin-ml2"},
          {"reference": "neutron-plugin-openvswitch-agent"},
          {"reference": "neutron-plugin-sriov-agent"},
          {"reference": "neutron-server"},
          {"reference": "neutron-sriov-agent"},
          {"reference": "python-neutron"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

27 Aug 2025 00:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS 25.8

CVSS 3.19.1

EPSS0.00138