{"id":"CVE-2022-37394","details":"An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.","aliases":["GHSA-v725-c588-h936"],"modified":"2026-04-09T08:56:58.699221Z","published":"2022-08-03T07:15:07.757Z","references":[{"type":"ADVISORY","url":"https://review.opendev.org/c/openstack/nova/+/850003"},{"type":"REPORT","url":"https://bugs.launchpad.net/ossa/+bug/1981813"},{"type":"FIX","url":"https://review.opendev.org/c/openstack/nova/+/849985"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openstack/nova","events":[{"introduced":"0"},{"fixed":"a9e81626c5e9dac897759c5f66c7ae1b4efa3c6d"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"23.2.2"}]}}],"versions":["0.9.0","12.0.0.0b1","12.0.0.0b2","12.0.0.0b3","12.0.0.0rc1","12.0.0a0","13.0.0.0b1","13.0.0.0b2","13.0.0.0b3","13.0.0.0rc1","14.0.0.0b1","14.0.0.0b2","14.0.0.0b3","14.0.0.0rc1","15.0.0.0b1","15.0.0.0b2","15.0.0.0b3","15.0.0.0rc1","16.0.0.0b1","16.0.0.0b2","16.0.0.0b3","16.0.0.0rc1","17.0.0.0b1","17.0.0.0b2","17.0.0.0b3","17.0.0.0rc1","18.0.0.0b1","18.0.0.0b2","18.0.0.0b3","18.0.0.0rc1","19.0.0.0rc1","20.0.0.0rc1","2010.1","2011.1","2011.1rc1","2011.2","2011.2gamma1","2011.2rc1","2013.1.rc1","2013.2.b3","2013.2.rc1","2014.1.b1","2014.1.b2","2014.1.b3","2014.1.rc1","2014.2.b1","2014.2.b2","2014.2.b3","2014.2.rc1","2015.1.0b1","2015.1.0b2","2015.1.0b3","2015.1.0rc1","21.0.0.0rc1","22.0.0","22.0.0.0rc1","23.0.0","23.0.0.0rc1","23.0.0.0rc2","23.0.1","23.0.2","23.1.0","23.2.0","23.2.1","diablo-1","essex-1","folsom-1","folsom-2"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"24.0.0"},{"fixed":"24.1.2"}]},{"events":[{"introduced":"25.0.0"},{"fixed":"25.0.2"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-37394.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}]}