Thanks for the review, here is the updated impact description draft:
Title: Nova Filter Scheduler bypass through rebuild action
Reporter: George Shuklin (servers.com)
Products: Nova
Affects: >=13.0.0 <=13.1.3, >=14.0.0 <=14.0.4, >=15.0.0 <=15.0.1
George Shuklin from servers.com reported a vulnerability in Nova. By rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected.
I'm still on the fence about keeping this under embargo if the filter scheduler isn't a common use-case; should we subscribe ossg-coresec to weigh in on this (as explained here: https://security.openstack.org/vmt-process.html#embargo-exceptions)?
Otherwise we need coresec review on the proposed patch in comment #7 and backport to mitaka, newton and ocata, in particular since the patch doesn't apply cleanly on mitaka.