Описание
OpenStack Nova instance migration process does not stop when instance is deleted
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-3241
- https://github.com/openstack/nova/commit/7ab75d5b0b75fc3426323bef19bf436a258b9707
- https://github.com/openstack/nova/commit/b5020a047fc487f35b76fc05f31e52665a1afda1
- https://github.com/openstack/nova/commit/bf23643e36c8764b4bd532546a2cc04385fe0cff
- https://access.redhat.com/errata/RHSA-2015:1723
- https://access.redhat.com/errata/RHSA-2015:1898
- https://access.redhat.com/security/cve/CVE-2015-3241
- https://bugzilla.redhat.com/show_bug.cgi?id=1232782
- https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml
- https://launchpad.net/bugs/1387543
- https://security.openstack.org/ossa/OSSA-2015-015.html
- http://rhn.redhat.com/errata/RHSA-2015-1723.html
- http://rhn.redhat.com/errata/RHSA-2015-1898.html
- http://www.securityfocus.com/bid/75372
Пакеты
nova
< 12.0.0.0b3
112.0.0.0b3
EPSS
CVE ID
Связанные уязвимости
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlie ...
Security update for openstack-nova and openstack-neutron
EPSS