OpenStack Neutron can use an incorrect ID during policy enforcement

GHSA-f27h-g923-68hw · CVE-2024-53916

Published Nov 25, 2024 · Modified Jan 9, 2025

Description

In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change (add and clear) tags on network objects that do not belong to the tenant, and this action is not subjected to the proper policy authorization check. This affects 23 before 23.2.1, 24 before 24.0.2, and 25 before 25.0.1.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-53916
PACKAGE https://github.com/openstack/neutron
WEB https://github.com/openstack/neutron/blob/363ffa6e9e1ab5968f87d45bc2f1cb6394f48b9f/neutron/extensions/tagging.py#L138-L232
WEB https://review.opendev.org/c/openstack/neutron/+/935883
WEB https://review.opendev.org/q/project:openstack/neutron
WEB https://security.openstack.org/ossa/OSSA-2024-005.html
WEB http://www.openwall.com/lists/oss-security/2024/12/03/1

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes