Comment 21 for bug 1387543
Revision history for this message
| Tristan Cacqueray (tristan-cacqueray) wrote Re: Resize/delete combo allows to overload nova-compute | #21 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
67d34a1
(Get the code!)
We proposed to issue a single advisory for this issue and #1392527 which are similar in term of impact. However, in case this bug couldn't be fixed at the same time, we might want to issue a different advisory (in order to not block one because of the other). Here is the impact description draft:
Title: Nova instance migration process does not stop when instance is deleted
Reporter: George Shuklin (Webzilla LTD)
Products: Nova
Affects: versions through 2014.1.4, and 2014.2 versions through 2014.2.3, and version 2015.1.0
Description:
George Shuklin from Webzilla LTD reported a vulnerability in Nova migration process. By resizing and deleting an instance repeatedly an authenticated user may overcome his quota and overload Nova computes node resulting in a denial of service attack. All Nova setups are affected.