CVE-2016-0738
OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL.
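Two practitioner checks for this advisory, added here as an example and not code from the page or from the Swift project: `is_affected` encodes the version ranges stated in the description above, and `flag_suspects` scans proxy-server access-log lines for the pattern the description names, one client repeatedly aborting GETs against the same URL. The field positions assume Swift's default proxy-logging line layout and that the middleware logs a mid-response client disconnect as status 499; adjust the indexes if your `log_format` differs. The log lines in the block are constructed for the example.

```python
"""Checks for CVE-2016-0738: Swift proxy-server resource exhaustion via
interrupted Large Object GETs.

Added example; not Swift project code.  Assumptions are marked inline.
"""
import re
from collections import defaultdict


def parse_version(version):
    """Turn '2.5.0', '2.3.1.dev12' or '2.4' into a comparable (major, minor, patch)."""
    nums = []
    for part in version.split("."):
        m = re.match(r"\d+", part)
        if not m:
            break                      # stop at 'dev12', 'rc1', ...
        nums.append(int(m.group()))
    while len(nums) < 3:
        nums.append(0)
    return tuple(nums[:3])


def is_affected(version):
    """True if this Swift release is in the ranges the CVE text names:
    before 2.3.1 (Kilo), any 2.4.x, and 2.5.x before 2.5.1 (Liberty)."""
    v = parse_version(version)
    if v < (2, 3, 1):
        return True
    if v[:2] == (2, 4):
        return True
    if v[:2] == (2, 5) and v < (2, 5, 1):
        return True
    return False


# Field positions in Swift's default proxy-logging access line (assumed; adjust
# if your deployment customised log_format).
CLIENT_IP, METHOD, PATH, STATUS = 0, 3, 4, 6
# proxy-logging records a client that disconnects mid-response as status 499 (assumed).
CLIENT_DISCONNECT = "499"


def interrupted_gets(lines):
    """Count GETs that ended in a client disconnect, keyed by (client_ip, path)."""
    counts = defaultdict(int)
    for line in lines:
        fields = line.split()
        if len(fields) <= STATUS:
            continue                   # not an access-log line
        if fields[METHOD] == "GET" and fields[STATUS] == CLIENT_DISCONNECT:
            counts[(fields[CLIENT_IP], fields[PATH])] += 1
    return dict(counts)


def flag_suspects(lines, threshold=5):
    """(client_ip, path) pairs with at least `threshold` interrupted GETs.

    One client repeatedly aborting the same URL is the pattern the CVE
    describes.  The access log cannot tell a DLO/SLO from a plain object, so
    confirm the flagged path really is a large object before acting."""
    return sorted(k for k, n in interrupted_gets(lines).items() if n >= threshold)


def _access_line(client_ip, second, path, status, bytes_sent):
    """Build one constructed access-log line in the assumed default field order."""
    return (f"{client_ip} {client_ip} 26/Feb/2016/22/01/{second:02d} GET {path} HTTP/1.0 "
            f"{status} - curl/7.43 - - {bytes_sent} - tx{second:04x} - 0.04 - - "
            f"1456524097.0 1456524097.1 0")


# Constructed sample: one client aborts the same object six times, one
# unrelated abort, and a second client that completes one GET and aborts one.
SAMPLE_LOG_LINES = (
    [_access_line("203.0.113.7", s, "/v1/AUTH_test/c/big", 499, 65536) for s in range(6)]
    + [_access_line("203.0.113.7", 6, "/v1/AUTH_test/c/other", 499, 4096)]
    + [_access_line("198.51.100.2", 7, "/v1/AUTH_test/c/big", 200, 5368709120),
       _access_line("198.51.100.2", 8, "/v1/AUTH_test/c/big", 499, 65536)]
)


if __name__ == "__main__":
    for ver in ("2.3.0", "2.3.1", "2.4.0", "2.5.0", "2.5.1", "2.6.0"):
        print(ver, "affected" if is_affected(ver) else "not affected")
    print(flag_suspects(SAMPLE_LOG_LINES, threshold=5))
```

On a live proxy, feed `flag_suspects` the lines from the proxy access log and tune `threshold` to your traffic; a hit is only a lead, since the log alone does not show whether the proxy actually leaked backend connections.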
Related bugs and status
CVE-2016-0738 (Candidate) is related to these bugs:
Bug #1177924: Use testr instead of nose as the unittest runner.
Bug | Summary | In | Importance | Status
---|---|---|---|---
1177924 | Use testr instead of nose as the unittest runner. | Ceilometer | Undecided | Fix Released
1177924 | Use testr instead of nose as the unittest runner. | Cinder | Medium | Fix Released
1177924 | Use testr instead of nose as the unittest runner. | Glance | Undecided | Fix Released
1177924 | Use testr instead of nose as the unittest runner. | OpenStack Dashboard (Horizon) | Wishlist | Won't Fix
1177924 | Use testr instead of nose as the unittest runner. | OpenStack Identity (keystone) | Wishlist | Fix Released
1177924 | Use testr instead of nose as the unittest runner. | OpenStack DBaaS (Trove) | Low | Triaged
1177924 | Use testr instead of nose as the unittest runner. | OpenStack Object Storage (swift) | Wishlist | Fix Released
1177924 | Use testr instead of nose as the unittest runner. | python-cinderclient | Medium | Fix Released
1177924 | Use testr instead of nose as the unittest runner. | python-ceilometerclient | Undecided | Fix Released
1177924 | Use testr instead of nose as the unittest runner. | python-heatclient | Medium | Fix Released
1177924 | Use testr instead of nose as the unittest runner. | python-keystoneclient | Wishlist | Fix Released
1177924 | Use testr instead of nose as the unittest runner. | django-openstack-auth | Wishlist | Won't Fix
1177924 | Use testr instead of nose as the unittest runner. | manila-ui | Wishlist | Won't Fix
Bug #1409302: Use of GreenAsyncPile can lose txn_id logging
Bug | Summary | In | Importance | Status
---|---|---|---|---
1409302 | Use of GreenAsyncPile can lose txn_id logging | OpenStack Object Storage (swift) | Medium | In Progress
Bug #1419901: container-sync checks invalid ClientException
Bug | Summary | In | Importance | Status
---|---|---|---|---
1419901 | container-sync checks invalid ClientException | OpenStack Object Storage (swift) | Critical | Fix Released
Bug #1466549: [OSSA 2016-004] Download DLO objects leak connections when client kill connection (CVE-2016-0737)
Bug | Summary | In | Importance | Status
---|---|---|---|---
1466549 | [OSSA 2016-004] Download DLO objects leak connections when client kill connection (CVE-2016-0737) | OpenStack Object Storage (swift) | Undecided | Fix Released
1466549 | [OSSA 2016-004] Download DLO objects leak connections when client kill connection (CVE-2016-0737) | OpenStack Security Advisory | Undecided | Fix Released
Bug #1476623: Excessive resource consumption looking for containers to sync
Bug | Summary | In | Importance | Status
---|---|---|---|---
1476623 | Excessive resource consumption looking for containers to sync | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1488704: FakeRing does fake get_part anymore
Bug | Summary | In | Importance | Status
---|---|---|---|---
1488704 | FakeRing does fake get_part anymore | OpenStack Object Storage (swift) | Low | Fix Released
Bug #1493303: [OSSA 2016-004] Swift proxy memory leak on unfinished read (CVE-2016-0738)
Bug #1526017: expose time remaining in min_part_hours
Bug | Summary | In | Importance | Status
---|---|---|---|---
1526017 | expose time remaining in min_part_hours | OpenStack Object Storage (swift) | Wishlist | Fix Released
Bug #1526575: *LO subrequests don't pass on the referer or req.acl on
Bug | Summary | In | Importance | Status
---|---|---|---|---
1526575 | *LO subrequests don't pass on the referer or req.acl on | OpenStack Object Storage (swift) | Medium | Fix Released
Bug #1526588: Reconciler unit test fails in non-UTC time zone
Bug | Summary | In | Importance | Status
---|---|---|---|---
1526588 | Reconciler unit test fails in non-UTC time zone | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1526697: Typo in Deployment Guide
Bug | Summary | In | Importance | Status
---|---|---|---|---
1526697 | Typo in Deployment Guide | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1526725: tox -e func -- --until-failure does not work
Bug | Summary | In | Importance | Status
---|---|---|---|---
1526725 | tox -e func -- --until-failure does not work | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1528189: auth_prefix option in tempauth middleware does not work
Bug | Summary | In | Importance | Status
---|---|---|---|---
1528189 | auth_prefix option in tempauth middleware does not work | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1529321: AttributeError: 'LogAdapter' object has no attribute 'warn'
Bug | Summary | In | Importance | Status
---|---|---|---|---
1529321 | AttributeError: 'LogAdapter' object has no attribute 'warn' | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1529836: Fix deprecated library function (os.popen()).
Bug | Summary | In | Importance | Status
---|---|---|---|---
1529836 | Fix deprecated library function (os.popen()). | tempest | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | OpenStack Dashboard (Horizon) | Low | Fix Released
1529836 | Fix deprecated library function (os.popen()). | neutron | Low | Fix Released
1529836 | Fix deprecated library function (os.popen()). | OpenStack Compute (nova) | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | OpenStack Object Storage (swift) | Undecided | In Progress
1529836 | Fix deprecated library function (os.popen()). | OpenStack Shared File Systems Service (Manila) | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | Cinder | Low | Fix Released
1529836 | Fix deprecated library function (os.popen()). | OpenStack Identity (keystone) | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | python-keystoneclient | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | Ceilometer | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | Murano | Wishlist | Fix Released
1529836 | Fix deprecated library function (os.popen()). | senlin | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | Sahara | Low | Fix Released
1529836 | Fix deprecated library function (os.popen()). | Python client library for Zaqar | Undecided | In Progress
1529836 | Fix deprecated library function (os.popen()). | OpenStack Heat | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | keystoneauth | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | keystonemiddleware | Low | Fix Released
1529836 | Fix deprecated library function (os.popen()). | congress | Low | In Progress
1529836 | Fix deprecated library function (os.popen()). | nova-powervm | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | Kwapi | Undecided | In Progress
1529836 | Fix deprecated library function (os.popen()). | python-heatclient | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | glance_store | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | networking-powervm | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | horizon-cisco-ui | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | ceilometer-powervm | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | bilean | Undecided | In Progress
1529836 | Fix deprecated library function (os.popen()). | Blazar | Wishlist | Fix Released
1529836 | Fix deprecated library function (os.popen()). | group-based-policy-specs | Undecided | Fix Released
1529836 | Fix deprecated library function (os.popen()). | Zaqar-ui | Undecided | Fix Released
Bug #1531173: write_affinity stores only replica counts in local region. The write_affinity_node_count has no effect
Bug | Summary | In | Importance | Status
---|---|---|---|---
1531173 | write_affinity stores only replica counts in local region. The write_affinity_node_count has no effect | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1532126: PUT X-Copy-From with Range violates RFC7233
Bug | Summary | In | Importance | Status
---|---|---|---|---
1532126 | PUT X-Copy-From with Range violates RFC7233 | OpenStack Object Storage (swift) | Low | Fix Released
Bug #1532276: ring device holes not reused
Bug | Summary | In | Importance | Status
---|---|---|---|---
1532276 | ring device holes not reused | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1532471: invalid x-timestamp causes 500
Bug | Summary | In | Importance | Status
---|---|---|---|---
1532471 | invalid x-timestamp causes 500 | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1533002: object-auditor skips EC fragments
Bug | Summary | In | Importance | Status
---|---|---|---|---
1533002 | object-auditor skips EC fragments | OpenStack Object Storage (swift) | Critical | Fix Released
Bug #1533768: inconsistent types returned for metadata
Bug | Summary | In | Importance | Status
---|---|---|---|---
1533768 | inconsistent types returned for metadata | OpenStack Object Storage (swift) | High | Fix Released
Bug #1534276: inconsistent suffix hashes after ssync replication of a tombstone
Bug | Summary | In | Importance | Status
---|---|---|---|---
1534276 | inconsistent suffix hashes after ssync replication of a tombstone | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1534303: Slowdown on PUT with write-affinity on and zero-weight zone
Bug | Summary | In | Importance | Status
---|---|---|---|---
1534303 | Slowdown on PUT with write-affinity on and zero-weight zone | OpenStack Object Storage (swift) | Medium | Fix Released
Bug #1534325: remove jerasure from swift docs
Bug | Summary | In | Importance | Status
---|---|---|---|---
1534325 | remove jerasure from swift docs | OpenStack Object Storage (swift) | Wishlist | Fix Released
Bug #1536037: fast-post broken with object mem server
Bug | Summary | In | Importance | Status
---|---|---|---|---
1536037 | fast-post broken with object mem server | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1536067: Duplicated code
Bug | Summary | In | Importance | Status
---|---|---|---|---
1536067 | Duplicated code | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1537042: versioned_writes middleware is mis-placed in proxy pipeline
Bug | Summary | In | Importance | Status
---|---|---|---|---
1537042 | versioned_writes middleware is mis-placed in proxy pipeline | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1538834: max_large_object_get_time is not used
Bug | Summary | In | Importance | Status
---|---|---|---|---
1538834 | max_large_object_get_time is not used | OpenStack Object Storage (swift) | Low | Fix Released
Bug #1540884: Object copied by container-sync may have older timestamp than source
Bug | Summary | In | Importance | Status
---|---|---|---|---
1540884 | Object copied by container-sync may have older timestamp than source | OpenStack Object Storage (swift) | High | Fix Released
Bug #1541491: recon not contacting all hosts when using storage policies
Bug | Summary | In | Importance | Status
---|---|---|---|---
1541491 | recon not contacting all hosts when using storage policies | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1542145: [OSSA-2016-004] Swift proxy-server DoS through Large Object (CVE-2016-0737, CVE-2016-0738)
Bug | Summary | In | Importance | Status
---|---|---|---|---
1542145 | [OSSA-2016-004] Swift proxy-server DoS through Large Object (CVE-2016-0737, CVE-2016-0738) | Mirantis OpenStack | High | Fix Released
1542145 | [OSSA-2016-004] Swift proxy-server DoS through Large Object (CVE-2016-0737, CVE-2016-0738) | Mirantis OpenStack 5.1.x | High | Invalid
1542145 | [OSSA-2016-004] Swift proxy-server DoS through Large Object (CVE-2016-0737, CVE-2016-0738) | Mirantis OpenStack 7.0.x | High | Fix Released
1542145 | [OSSA-2016-004] Swift proxy-server DoS through Large Object (CVE-2016-0737, CVE-2016-0738) | Mirantis OpenStack 6.1.x | High | Invalid
1542145 | [OSSA-2016-004] Swift proxy-server DoS through Large Object (CVE-2016-0737, CVE-2016-0738) | Mirantis OpenStack 8.0.x | High | Fix Released
1542145 | [OSSA-2016-004] Swift proxy-server DoS through Large Object (CVE-2016-0737, CVE-2016-0738) | Mirantis OpenStack 6.0.x | High | Invalid
1542145 | [OSSA-2016-004] Swift proxy-server DoS through Large Object (CVE-2016-0737, CVE-2016-0738) | Mirantis OpenStack 9.x | High | Fix Released
Bug #1542168: EC: Accept-Range missing in EC GET response
Bug | Summary | In | Importance | Status
---|---|---|---|---
1542168 | EC: Accept-Range missing in EC GET response | OpenStack Object Storage (swift) | Low | Fix Released
Bug #1542227: docs and sample config wrongly suggest that default log_statsd_host is localhost
Bug | Summary | In | Importance | Status
---|---|---|---|---
1542227 | docs and sample config wrongly suggest that default log_statsd_host is localhost | OpenStack Object Storage (swift) | Low | Fix Released
Bug #1546865: older PUT than tombstone creates .data file
Bug | Summary | In | Importance | Status
---|---|---|---|---
1546865 | older PUT than tombstone creates .data file | OpenStack Object Storage (swift) | Undecided | Fix Released
Bug #1550067: test_object_delete_at_aysnc_update is misnamed.
Bug | Summary | In | Importance | Status
---|---|---|---|---
1550067 | test_object_delete_at_aysnc_update is misnamed. | OpenStack Object Storage (swift) | Undecided | Fix Released
See the CVE page on Mitre.org (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0738) for more details.