Vulnerability Details : CVE-2022-37394
An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.
Vulnerability category: Denial of service
Products affected by CVE-2022-37394
- cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-37394
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 27 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-37394
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
1.8
|
1.4
|
NIST |
References for CVE-2022-37394
-
https://bugs.launchpad.net/ossa/+bug/1981813
Bug #1981813 “Compute service fails to restart if the vnic_type ...” : Bugs : OpenStack Security AdvisoryExploit;Issue Tracking;Third Party Advisory
-
https://review.opendev.org/c/openstack/nova/+/850003
Gracefully ERROR in _init_instance if vnic_type changed (850003) · Gerrit Code ReviewThird Party Advisory
-
https://review.opendev.org/c/openstack/nova/+/849985
Reproduce bug 1981813 in func env (849985) · Gerrit Code ReviewPatch;Third Party Advisory
Jump to