Mirantis OpenStack

radvd >= 2.0 blocks router update processing

  1. Series 6.0.x
  2. Bug #1410811
Bug #1410811 reported by Alexander Ignatov
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mirantis OpenStack
Fix Committed
High
Alexander Ignatov
Mirantis OpenStack 6.0-updates
6.0.x
Fix Released
High
Denis Meltsaykin
Mirantis OpenStack 6.0-mu-2
6.1.x
Fix Released
High
Alexander Ignatov
Mirantis OpenStack 6.1

Bug Description

This is [pre-OSSA] Vulnerability in OpenStack Neutron (CVE-2014-8153)

Original bug: https://bugs.launchpad.net/neutron/+bug/1398779

========================================================

In radvd 2.0+, daemonization code was rewritten, switching from libdaemon's daemon_fork() to Linux daemon() call.

If no logging method (-m option) is passed to radvd, and the default logging method is used (which is L_STDERR_SYSLOG), then daemon() is called with (1, 1) arguments, meaning no chroot (fine) and not closing stderr (left there for logging) (not fine). So execute() call that spawns radvd and expects it to daemonize and return code never actually completes, blocked on stderr.

The fix is to pass e.g. -m syslog to radvd to make it close stderr and return.

CVE References

Revision history for this message
Alexander Ignatov (aignatov) wrote :

Fix is not applicable for 5.x versions since there was no radvd tool

Changed in mos:
status: Fix Committed → In Progress
Revision history for this message
Alexander Ignatov (aignatov) wrote :

Fix commited by https://bugs.launchpad.net/mos/+bug/1409766

Dmitry Mescheryakov (dmitrymex)
information type: Private Security → Public Security
Adam Heczko (aheczko-mirantis)
tags: added: feature-security
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.