UBUNTU-CVE-2019-10876

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2019-10876
Published: 05 Apr 2019, 05:29
Last modified:14 Apr 2026, 08:58

Vulnerability Summary

Overall Risk (default)
medium
26/100
CVSS Score
6.5 MEDIUM
3.0 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

05 Apr 2019, 05:29
Published
Vulnerability first disclosed
14 Apr 2026, 08:58
Last Modified
Vulnerability information updated

Description

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.

CVSS Metrics

  • v3.0MEDIUMScore: 6.5CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Systems

  • ubuntuneutron

    < 2:12.0.5-0ubuntu4

References (3)