Here is the updated impact description with /dev/zero, file existence leak and new affect line (assuming this won't make it for upcoming 2015.1.2):
Title: Heat denial of service through template-validate
Reporter: Steven Hardy (Red Hat)
Products: Heat, python-heatclient
Affects: <=2014.2.3, >=2015.1.0, <=2015.1.2
Description:
Steven Hardy from Red Hat reported a vulnerability in Heat template validation. By referencing a local file like /dev/zero, an authenticated user may trick the heatclient and/or the heat engine service to load arbritrary local file content resulting in a Denial of Service attack through memory exhaustion. Note that the file content is not written back to the user, though the user can determine if a file exists and if it is readable by glance-engine. All Heat setups are affected.
Here is the updated impact description with /dev/zero, file existence leak and new affect line (assuming this won't make it for upcoming 2015.1.2):
Title: Heat denial of service through template-validate
Reporter: Steven Hardy (Red Hat)
Products: Heat, python-heatclient
Affects: <=2014.2.3, >=2015.1.0, <=2015.1.2
Description:
Steven Hardy from Red Hat reported a vulnerability in Heat template validation. By referencing a local file like /dev/zero, an authenticated user may trick the heatclient and/or the heat engine service to load arbritrary local file content resulting in a Denial of Service attack through memory exhaustion. Note that the file content is not written back to the user, though the user can determine if a file exists and if it is readable by glance-engine. All Heat setups are affected.