Dustin Lundquist

**Name of the Vulnerable Software and Affected Versions** OpenStack Neutron versions prior to 7.0.4 OpenStack Neutron versions 8.0.0 through 8.1.0 **Description** The issue allows remote attackers to bypass an intended DHCP-spoofing protection mechanism. This can cause a denial of service or allow the interception of network traffic via a crafted DHCP discovery message. **Recommendations** For OpenStack Neutron versions prior to 7.0.4, update to version 7.0.4 or later. For OpenStack Neutron versions 8.0.0 through 8.1.0, update to a version outside of this range.

**Name of the Vulnerable Software and Affected Versions** OpenStack Neutron versions prior to 7.0.4 OpenStack Neutron versions 8.0.0 through 8.1.0 **Description** The issue allows remote attackers to bypass an intended MAC-spoofing protection mechanism, potentially causing a denial of service or allowing them to intercept network traffic. This can be achieved via a crafted DHCP discovery message or crafted non-IP traffic. **Recommendations** For OpenStack Neutron versions prior to 7.0.4, update to version 7.0.4 or later. For OpenStack Neutron versions 8.0.0 through 8.1.0, update to version 8.1.0 or later. As a temporary workaround, consider restricting access to the IPTables firewall to minimize the risk of exploitation.