Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 disables MAC learning in linuxbridge, forcing obligatory Ethernet flooding of non-local destinations, which both impedes network performance and allows users to possibly view the content of packets for instances belonging to other tenants sharing the same network. Only deployments using the linuxbridge backend are affected. This occurs in PyRoute2.add() in internal/command/ip/linux/impl_pyroute2.py.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack os-vif 资源管理错误漏洞
Vulnerability Description
OpenStack是美国国家航空航天局(National Aeronautics and Space Administration)和美国Rackspace公司合作研发的一个云平台管理项目。os-vif是其中的一个用于插入和拔出虚拟接口(VIF)的库。 OpenStack os-vif 1.15.2之前的1.15.x版本和1.16.0版本中存在安全漏洞。攻击者可利用该漏洞查看其他租户实例的数据包内容。
CVSS Information
N/A
Vulnerability Type
N/A