Lucene search

K
openvasCopyright (C) 2023 Greenbone AGOPENVAS:136141256231112202360671
HistoryMay 11, 2023 - 12:00 a.m.

Ubuntu: Security Advisory (USN-6067-1)

2023-05-1100:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
2
cve-2021-20267
cve-2021-38598
cve-2021-40085
cve-2021-40797
cve-2022-3277
openstack neutron
ubuntu 18.04
ubuntu 20.04
ubuntu 22.04
denial of service
ipv6 addresses
hardware addresss
dnsmasq
routes middleware
resource consumption
vendorfix

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

45.9%

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.12.2023.6067.1");
  script_cve_id("CVE-2021-20267", "CVE-2021-38598", "CVE-2021-40085", "CVE-2021-40797", "CVE-2022-3277");
  script_tag(name:"creation_date", value:"2023-05-11 04:09:44 +0000 (Thu, 11 May 2023)");
  script_version("2024-02-02T05:06:10+0000");
  script_tag(name:"last_modification", value:"2024-02-02 05:06:10 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"5.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:P");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2021-08-28 00:48:05 +0000 (Sat, 28 Aug 2021)");

  script_name("Ubuntu: Security Advisory (USN-6067-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2023 Greenbone AG");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(18\.04\ LTS|20\.04\ LTS|22\.04\ LTS)");

  script_xref(name:"Advisory-ID", value:"USN-6067-1");
  script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-6067-1");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'neutron' package(s) announced via the USN-6067-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"David Sinquin discovered that OpenStack Neutron incorrectly handled the
default Open vSwitch firewall rules. An attacker could possibly use this
issue to impersonate the IPv6 addresses of other systems on the network.
This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
(CVE-2021-20267)

Jake Yip and Justin Mammarella discovered that OpenStack Neutron
incorrectly handled the linuxbridge driver when ebtables-nft is being
used. An attacker could possibly use this issue to impersonate the hardware
addresss of other systems on the network. This issue only affected Ubuntu
18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-38598)

Pavel Toporkov discovered that OpenStack Neutron incorrectly handled
extra_dhcp_opts values. An attacker could possibly use this issue to
reconfigure dnsmasq. This issue only affected Ubuntu 18.04 LTS, and Ubuntu
20.04 LTS. (CVE-2021-40085)

Slawek Kaplonski discovered that OpenStack Neutron incorrectly handled the
routes middleware. An attacker could possibly use this issue to cause the
API worker to consume memory, leading to a denial of service. This issue
only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40797)

It was discovered that OpenStack Neutron incorrectly handled certain
queries. A remote authenticated user could possibly use this issue to cause
resource consumption, leading to a denial of service. (CVE-2022-3277)");

  script_tag(name:"affected", value:"'neutron' package(s) on Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "UBUNTU18.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"python-neutron", ver:"2:12.1.1-0ubuntu8.1", rls:"UBUNTU18.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU20.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"python3-neutron", ver:"2:16.4.2-0ubuntu6.2", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU22.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"python3-neutron", ver:"2:20.3.0-0ubuntu1.1", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

45.9%