Unrated severityNVD Advisory· Published Jul 11, 2014· Updated May 6, 2026

CVE-2014-4167

Description

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.

Affected products

Canonical (company)/Ubuntu Linux2 versions
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
OpenStack/Neutron3 versions
cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*range: >=2011.1,<=2013.2.3
- cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/oss-sec/2014/q2/572nvdMailing ListThird Party Advisory
www.ubuntu.com/usn/USN-2255-1nvdThird Party Advisory
bugs.launchpad.net/neutron/+bug/1309195nvdIssue TrackingVendor Advisory
secunia.com/advisories/59533nvdPermissions Required

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000