Moderate severityNVD Advisory· Published Aug 26, 2015· Updated Jun 17, 2026
CVE-2015-3221
CVE-2015-3221
Description
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
neutronPyPI | < 2014.2.4 | 2014.2.4 |
neutronPyPI | >= 2015.1.0, < 2015.1.1 | 2015.1.1 |
Affected products
8- ghsa-coords7 versionspkg:pypi/neutronpkg:rpm/suse/crowbar-barclamp-neutron&distro=SUSE%20OpenStack%20Cloud%205pkg:rpm/suse/openstack-neutron&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%205pkg:rpm/suse/openstack-neutron-doc&distro=SUSE%20OpenStack%20Cloud%205pkg:rpm/suse/openstack-nova&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205pkg:rpm/suse/python-python-memcached&distro=SUSE%20Cloud%20Compute%20Node%20for%20SUSE%20Linux%20Enterprise%2012%205
< 2014.2.4+ 6 more
- (no CPE)range: < 2014.2.4
- (no CPE)range: < 1.9+git.1443859419.95e948a-12.2
- (no CPE)range: < 2014.2.4~a0~dev103-10.3
- (no CPE)range: < 2014.2.4~a0~dev103-16.2
- (no CPE)range: < 2014.2.4~a0~dev103-16.4
- (no CPE)range: < 2014.2.4~a0~dev80-14.1
- (no CPE)range: < 1.54-2.1
Patches
Vulnerability mechanics
References
12- lists.openstack.org/pipermail/openstack-announce/2015-June/000377.htmlnvdVendor AdvisoryWEB
- rhn.redhat.com/errata/RHSA-2015-1680.htmlnvdVendor AdvisoryWEB
- www.securityfocus.com/bid/75368nvdThird Party AdvisoryVDB Entry
- bugs.launchpad.net/neutron/+bug/1461054nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-wf44-4mgj-rwvxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-3221ghsaADVISORY
- access.redhat.com/errata/RHSA-2015:1680ghsaWEB
- access.redhat.com/security/cve/CVE-2015-3221ghsaWEB
- bugzilla.redhat.com/show_bug.cgighsaWEB
- git.openstack.org/cgit/openstack/neutron/commit/ghsaWEB
- opendev.org/openstack/neutronghsaPACKAGE
- web.archive.org/web/20200228084753/http://www.securityfocus.com/bid/75368ghsaWEB
News mentions
0No linked articles in our index yet.