Glance images are loaded into memory
Bug #1736920 reported by
Stephen Finucane
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Invalid
|
Undecided
|
Unassigned | ||
OpenStack Security Advisory |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Nova appears to be loading entire responses from glance into memory [1]. This is generally not an issue but these responses could be an entire images [2]. Given a large enough image, this seems like a potential avenue for DoS, not to mention being highly inefficient.
[1] https:/
[2] https:/
description: | updated |
Changed in ossa: | |
status: | Incomplete → Invalid |
information type: | Public Security → Public |
To post a comment you must log in.
Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.