CVE-2022-37394
unknown
CVSS v3
—
CVSS v2
—
VIR risk
—
Description
OpenStack Nova Changing vnic_type breaks compute service restart
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2022-37394
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2022-37394.html
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| sles | affected | | |
| debian | bookworm | fixed | 2:26.0.0~rc1-3 |
| debian | bullseye | affected | |
| debian | forky | fixed | 2:26.0.0~rc1-3 |
| debian | sid | fixed | 2:26.0.0~rc1-3 |
| debian | trixie | fixed | 2:26.0.0~rc1-3 |
References
- https://nvd.nist.gov/vuln/detail/CVE-2022-37394
- https://github.com/openstack/nova/commit/0c87681135cfb3ce61d2a0392928c1dbc1fe5fde
- https://github.com/openstack/nova/commit/1a98a1a650d065a8ab3e1c474f3b9fd537dc2206
- https://github.com/openstack/nova/commit/4954f993680c75fd9d3d507f2dcd00300c9b3d44
- https://github.com/openstack/nova/commit/a28c82719545d5c8ee7f3ff1361b3a796e05095a
- https://github.com/openstack/nova/commit/e43bf900dc8ca66578603bed333c56b215b1876e
- https://github.com/openstack/nova/commit/f8c91eb75fc5504a37fc3b4be1d65d33dbc9b511
- https://bugs.launchpad.net/ossa/+bug/1981813
- https://github.com/openstack/nova
- https://review.opendev.org/c/openstack/nova/+/849985
- https://review.opendev.org/c/openstack/nova/+/850003
- https://www.suse.com/security/cve/CVE-2022-37394.html
- https://security-tracker.debian.org/tracker/CVE-2022-37394
Verify integrity in audit chain (admin only). AS-IS.