Proposed impact description, please confirm:
Title: Scheduler denial of service through scheduler_hints
Impact: High
Reporter: Dan Prince (Red Hat)
Products: Nova
Affects: Essex, Folsom series
Description:
Dan Prince from Red Hat reported a vulnerability in Nova scheduler nodes. By creating servers with malicious scheduler_hints, an authenticated user may generate a huge number of database calls, potentially resulting in a Denial of Service attack against Nova scheduler nodes. Only setups exposing the OpenStack API and enabling DifferentHostFilter and/or SameHostFilter are affected.
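
One defensive pattern for the issue described above, as an added example (not Nova's code and not the fix that shipped): bound and canonicalize the `different_host` / `same_host` hint lists, the hints read by the two affected filters, before they reach the scheduler. The cap, the function names and the cost model (one database lookup per hinted UUID per candidate host) are assumptions made for this illustration.

```python
import uuid

# Added illustration, not Nova code. Assumed cost model: the affinity filters
# resolve every hinted instance UUID with its own database lookup, once per
# candidate host.
MAX_HINT_UUIDS = 16  # hypothetical cap chosen for this example
AFFINITY_HINTS = ("different_host", "same_host")


class HintError(ValueError):
    """Raised when an affinity hint is malformed or too large."""


def normalize_hints(scheduler_hints, limit=MAX_HINT_UUIDS):
    """Return a copy of the hints with bounded, canonical affinity lists."""
    clean = dict(scheduler_hints or {})
    for key in AFFINITY_HINTS:
        if key not in clean:
            continue
        value = clean[key]
        if isinstance(value, str):
            items = [value]          # a single UUID is accepted as a string
        elif isinstance(value, (list, tuple)):
            items = list(value)
        else:
            raise HintError("%s: expected a UUID or a list of UUIDs" % key)
        # Enforce the bound before any per-item work is done.
        if len(items) > limit:
            raise HintError("%s: %d entries, limit is %d"
                            % (key, len(items), limit))
        canonical = []
        for item in items:
            try:
                canonical.append(str(uuid.UUID(str(item))))
            except ValueError:
                raise HintError("%s: not a UUID: %r" % (key, item))
        # Drop duplicates while keeping the caller's order.
        clean[key] = list(dict.fromkeys(canonical))
    return clean


def estimated_lookups(hints, host_count):
    """Database lookups for one request, given normalized hints."""
    per_host = sum(len(hints.get(key, [])) for key in AFFINITY_HINTS)
    return per_host * host_count
```

With the cap in place, the worst case under the assumed model is `2 * MAX_HINT_UUIDS * host_count` lookups per request, a figure an operator can size against the database rather than one the caller controls.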