Title: Neutron L2 agent DoS through incorrect allowed address pairs Reporter: Darragh O'Reilly (HP) Products: Neutron Affects: 2014.2 versions through 2014.2.3 and 2015.1.0 version Description: Darragh O'Reilly from HP reported a vulnerability in Neutron. By adding an address pair which is rejected as invalid by the ipset tool, an authenticated user may crash the Neutron L2 agent resulting in a denial of service attack. Neutron setups using the IPTables firewall driver are affected. fixes are in tree as 2014.2.3-r1 and 2015.1.0-r2, no badness remaining in tree