Vulnerabilities > CVE-2021-40085
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.
Vulnerable Configurations
References
- http://www.openwall.com/lists/oss-security/2021/08/31/2
- http://www.openwall.com/lists/oss-security/2021/08/31/2
- https://launchpad.net/bugs/1939733
- https://launchpad.net/bugs/1939733
- https://lists.debian.org/debian-lts-announce/2021/10/msg00005.html
- https://lists.debian.org/debian-lts-announce/2021/10/msg00005.html
- https://lists.debian.org/debian-lts-announce/2022/05/msg00038.html
- https://lists.debian.org/debian-lts-announce/2022/05/msg00038.html
- https://security.openstack.org/ossa/OSSA-2021-005.html
- https://security.openstack.org/ossa/OSSA-2021-005.html
- https://www.debian.org/security/2021/dsa-4983
- https://www.debian.org/security/2021/dsa-4983