CVEs related to bugs in OpenStack Compute (nova)

Open bugs

Bug CVE(s)
Bug #1417975: race conditions in security-group additions CVE-2017-18191
OpenStack Compute (nova) In progress, assigned to Hongbin Lu
Bug #1419577: when live-migrate failed, lun-id couldn't be rollback in havana CVE-2015-2687
OpenStack Compute (nova) In progress, assigned to Lee Yarwood
Bug #1734320: Eavesdropping private traffic CVE-2018-14636
OpenStack Compute (nova) In progress, assigned to sean mooney

Resolved bugs

Bug CVE(s)
Bug #754900: [SRU] Nova-manage network delete does not delete from fixed_ips CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #853330: qcow format could expose host filesystem information CVE-2011-3147
OpenStack Compute (nova) Fix released, assigned to Scott Moser
Bug #868360: Incorrect secret key causes user details to be revealed CVE-2011-4076
OpenStack Compute (nova) Fix released, assigned to Stanislaw Pitucha
Bug #885167: Path Traversal possible when downloading an image CVE-2011-4596
OpenStack Compute (nova) Fix released, assigned to Thierry Carrez
Bug #887191: OS API: XML Namespace Handling Broken CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Davanum Srinivas (DIMS)
Bug #894755: Potential directory traversal in _untarzip_image CVE-2011-4596
OpenStack Compute (nova) Fix released, assigned to Thierry Carrez
Bug #904072: project_id could be overwritten to any value by URI value CVE-2012-0030
OpenStack Compute (nova) Fix released, assigned to Thierry Carrez
Bug #917615: Inappropriate exception handling on kvm live/block migration CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Kei Masumoto
Bug #917963: ajaxterm/qweb.py facilitates arbitrary code execution CVE-2009-1629
OpenStack Compute (nova) Fix released, assigned to Thierry Carrez
Bug #921774: snapshot stays in saving state if the vm base image is deleted CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to Boris Filippov
Bug #939122: floating ips do not display in 'nova list' after association to instance CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #952176: [SRU] Cannot associate a second network/vlan to a tenant with "nova-manage network modify" CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to MotoKen
Bug #956096: Listing flavors with marker set returns 400 CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Philip Knouff
Bug #962515: PUT/POST of large server name's can increase nova API log file size massively CVE-2012-1585
OpenStack Compute (nova) Fix released, assigned to Dan Prince
Bug #962615: [SRU] Unable to list volumes after building from snapshot CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to John Griffith
Bug #967931: [SRU] killfilter should handle updated/deleted executables CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Dan Prince
Bug #968843: [SRU] connection leak in rpc connection pool CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Chris Behrens
Bug #969545: missing quotas on security group rules CVE-2012-2101
OpenStack Compute (nova) Fix released, assigned to Dan Prince
Bug #971621: nova delete lxc-instance umounts the wrong rootfs CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #971640: [SRU] public key injection should be configurable CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Peng Yong
Bug #973194: [SRU] Parallel VM creation fails when nova-computes share the disks and each nova-compute node has no cached images. CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Mandar Vaze
Bug #975043: [SRU] Cloudpipe VPN instance can lose connectivity after starting openvpn CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Cor Cornelisse
Bug #977007: instance live migration should create virtual_size disk image CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Yaguang Tang
Bug #977759: [SRU] With QuantumManager, nova-network does not start dnsmasq during initialization CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Mandar Vaze
Bug #983206: [SRU] nova errors when keypair starts with 0XG using EC2 API CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Joe Gordon
Bug #985162: Firewall rules from nova-compute are not refreshed after host reboot CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Dan Prince
Bug #985184: Security groups fail to be set correctly if incorrect case is used for protocol specification CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Russell Bryant
Bug #986922: Call to network_get_all_by_uuids missing 'db' CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Alex Meade
Bug #987335: [SRU] libvit/connection.py missing console_log variable CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Alvaro Lopez
Bug #988615: [SRU] xen: destroy_vdi breaks because session is not passed in CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Renuka Apte
Bug #989764: [SRU] timeout on EC2 CreateImage action is 60 hours instead of 1 hour CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Eoghan Glynn
Bug #990237: [sru] libvirt get_console_output: 'instance_name' is not defined CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Dan Prince
Bug #992805: test_get_console_output_file requires sudo NOPASSWD CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Dan Prince
Bug #992916: [SRU] nova.tests.test_nova_rootwrap fails on Fedora 17 CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Russell Bryant
Bug #993663: [SRU] dns_domains table mysql charset is 'latin1'. Should be 'utf8' CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Dan Prince
Bug #994935: Deleting Flavor currently in use by instance creates error CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Josh Kearney
Bug #997014: [SRU] Memory is not correctly computed for Xen+libvirt CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Alvaro Lopez
Bug #997763: floating ips are not disassociated from instances on deletion CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Trey Morris
Bug #999698: qpid timeout causing compute service to crash CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Russell Bryant
Bug #1000261: newer `qemu-img info` causes an exception when finding the backing file for qcow2 images CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #1000403: [SRU] multi scheduler does not handle capabilities updates correctly CVE-2012-2101
CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Armando Migliaccio
Bug #1000853: Restarting nova-network removes ip packet filters CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Russell Bryant
Bug #1004007: Incorrect Exception raised during Create server when metadata over 255 characters CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Davanum Srinivas (DIMS)
Bug #1004298: not able to get host total memory in xen with libvirt CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #1004791: When attach volume lost attach when node restart CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to Dan Smith
Bug #1006664: euca-describe-keypair NonExistent returns 200 CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Joe Gordon
Bug #1007573: affinity filters don't work if scheduler_hints is None CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1010514: Source group based security group rule without protocol and port causes failures CVE-2012-2654
OpenStack Compute (nova) Fix released, assigned to Soren Hansen
Bug #1012374: impl_qpid doesn't ACK messages CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Russell Bryant
Bug #1013147: Missing filters due to nova-rootwrap hardcoding paths CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Thierry Carrez
Bug #1013689: cannot umount guestfs CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #1013782: Stop/start a KVM instance with volumes attached produces an error state CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1014769: NoMoreFixedIps: Zero fixed ips available. Nova seems leaking them. CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1014925: API 'v1.1/{tenant_id}/os-hosts' does not return a list of hosts CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Joe Gordon
Bug #1015531: Remote arbitrary file corruption / creation flaw via injected files CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #1015731: resize leave leftover libvirt configs CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Jian Wen
Bug #1016273: ram_allocation_ratio does not work CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Joe Gordon
Bug #1017418: NoMoreFloatingIps: Zero floating ips available after repeatedly creating and destroying instances over time CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1017795: scheduler hang (DOS) possible with DifferentHostFilter/SameHostFilter CVE-2012-3371
OpenStack Compute (nova) Fix released, assigned to Dan Prince
Bug #1018586: cleanup_file_locks does not remove stale sentinel files CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Eugene Kirpichov
Bug #1018721: Launching with source groups under load produces lazy load error CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1020634: [nova][volumes] Exceeding volumes quotas logs "VolumeSizeTooLarge" instead of "VolumeLimitExceeded" CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Eoghan Glynn
Bug #1021340: Race condition in network/deallocate_for_instance() leads to security issue CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Phil Day
Bug #1021352: Deallocation of fixed IP occurs before security group refresh – leading to potential security issue in error / race conditions CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to David McNally
Bug #1021373: [nova][volumes] Exceeding volumes, gigabytes and floating_ips quotas returns general uninformative HTTP 500 error CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Eoghan Glynn
Bug #1022036: metadata injection is broken in xen CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #1023169: update nova to report quantum floating IPs CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Akihiro Motoki
Bug #1026210: Nova flavor ephemeral space size reported incorrectly CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to David Besen
Bug #1027105: Restarting nova-compute removes ip packet filters CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Derek Higgins
Bug #1027984: nova testsuite errors on newer versions of python-boto (e.g. 2.5.2) CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Ionuț Arțăriși
Bug #1028092: Resizing a Xen instance with attached volumes fails CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Chris Behrens
Bug #1029430: KVM guests networking issues with no virbr0 and with vhost_net kernel modules loaded CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to Adam Gandelman
Bug #1029463: Libvirt driver reports incorrect error when volume-detach fails CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Dan Smith
Bug #1030430: qpid_heartbeat setting is ineffective CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #1031311: [OSSA 2012-011] CVE-2012-3361 not fully addressed CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #1033178: pycrypto is unused and the existing code is potentially insecure to use CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Stanislaw Pitucha
Bug #1036902: Block storage connections are NOT restored on system reboot CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Rafi Khardalian
Bug #1038266: Deleted floating ips can cause instance delete to fail CVE-2012-3360
CVE-2012-3361
CVE-2012-3371
CVE-2012-3447
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1040537: Bridge port's hairpin mode not set after resuming a machine CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to Yaguang Tang
Bug #1043999: nova usage-list returns wrong usage CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to Rongze Zhu
Bug #1045152: Heavily loaded nova-compute instances don't send reports frequently enough CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to Tiantian Gao
Bug #1046313: At termination, LXC rootfs is not always unmounted before rmtree() is called CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #1050359: Tests fail on 32bit machines (_get_hash_str is platform dependent) CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Ben Swartzlander
Bug #1050982: ensure_default_security_group() does not call sgh CVE-2012-5625
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to Aaron Rosen
Bug #1053364: Add SIGPIPE handler to subprocess execution in rootwrap and utils.execute CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Thierry Carrez
Bug #1053441: Instances in vm state DELETED are preventing compute restart CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Stanislaw Pitucha
Bug #1055413: Fail to boot raw image on XenServer CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Mate Lakat
Bug #1055431: Xenserver cannot boot vm_mode=xen type images CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Mate Lakat
Bug #1056122: attach-time field for volumes is not updated for detach volume CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Arathi
Bug #1056242: Cloudpipe extension xml serialization doesn't return the instance(s) data CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Mauro S M Rodrigues
Bug #1056285: ComputeManager does not provide block_device_info on destroy call in revert_resize CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Mathew Odden
Bug #1056380: deleting security group does not mark rules as deleted CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Aaron Rosen
Bug #1056601: deletes fail when instance in RESIZED CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Chris Behrens
Bug #1057069: trigger_instance[add/remove]_security_group_refresh are never called CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Aaron Rosen
Bug #1057145: db tests fail with sqlalchemy 0.7.4 CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1057196: IP Protocol for security group should be returned in lower case to be compliant with the ec2 api CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to John Herndon
Bug #1057279: console auth does not work with memcache, unicode error CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Eugene Kirpichov
Bug #1057719: libvirt: concurrent detach_volume and terminate fails CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1057730: libvirt: cannot detach volume from stopped domain CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1057756: libvirt: if exception raised during volume_detach, volume state is inconsistent CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1058273: Snapshotting LXC instance fails CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to David Kang
Bug #1059366: nova-network cannot re-generate MAC address if collision happen CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Dan Smith
Bug #1060255: Host field set too early during builds CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Brian Elliott
Bug #1060363: Resource tracker uses regex DB query too often CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Johannes Erdfelt
Bug #1060836: libvirt: detaching volume may fail while terminating other instances on the same host concurrently CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to MotoKen
Bug #1060925: libvirt: rebuild is not using kernel and ramdisk associated with the new image CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Sirisha Devineni
Bug #1061124: Enabling Return Reservation ID with XML create server request returns no body CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Matthew Treinish
Bug #1061499: API calls to dis-associate an auto-assigned floating IP should return proper warning CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Sirisha Devineni
Bug #1061944: xen volume auto device selection always picks xvdb CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to clayg
Bug #1062033: nova-compute will assign the same device name if volume-attach continuously CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to MotoKen
Bug #1062314: do_refresh_security_group_rules in nova.virt.firewall is very slow CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Michael Still
Bug #1063851: metadata service throws 500 - NoSuchOptError CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1064083: xenapi migrations fail w/ swap CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Chris Behrens
Bug #1064359: nova-manage doesn't validate the key value supplied to update the quota CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Vijaya Erukala
Bug #1064524: Nic Ordering not guaranteed with Quantum API CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Mark McClain
Bug #1064713: hostname in metadata ends with . if dhcp_domain flag is empty CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to melanie witt
Bug #1065053: Nova backup image fails CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Édouard Thuleau
Bug #1065092: Resource reservation isn't rolled back properly for certain failures during Instance Create CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Andy McCrae
Bug #1065440: resize does not migrate DHCP host information CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Jian Wen
Bug #1065702: After folsom upgrade, instances can no longer access existing volumes. CVE-2012-5625
OpenStack Compute (nova) Invalid by John Griffith
Bug #1065785: volume and snapshot IDs do not correctly map to UUIDs after folsom upgrade CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Adam Gandelman
Bug #1066513: live_migration missing migrate_data parameter in Hyper-V driver CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Alessandro Pilotti
Bug #1066887: live-migration and volume host assignment CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Alex Handle
Bug #1067214: forget to release resource when terminate an instance from a failed compute node CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1068716: Instances deleted during spawn leak network allocations CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Jason Kölker
Bug #1069099: block device mappings for deleted instances are leaked CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Eoghan Glynn
Bug #1069573: Cloudpipe in Folsom: no such option: cnt_vpn_clients CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1069904: [OSSA 2013-001] No authentication on block device used for os-volume_boot CVE-2013-0208
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #1070045: Nova API does not work with QuantumV2 API subclasses CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Mark McClain
Bug #1070138: admin can't describe all images in ec2 api CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to MotoKen
Bug #1070509: nova-api now requires quantumclient CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Michael Still
Bug #1070539: [OSSA 2012-020] create_lvm_image allocates dirty blocks (CVE-2012-5625) CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Thierry Carrez
Bug #1071069: After restarting an instance volume is lost CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1071168: 'BackupCreate' should accept rotation parameter greater than or equal to zero CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Édouard Thuleau
Bug #1071536: typo prevents volume_tmp_dir flag from working CVE-2012-5625
OpenStack Compute (nova) Invalid (unassigned)
Bug #1071595: finish_resize failures result in NoneType exception CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Chris Behrens
Bug #1071600: confirm_resize mgr call requires admin context CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Chris Behrens
Bug #1073306: [OSSA 2013-030] xenapi migrations don't apply security group filters (CVE-2013-4497) CVE-2013-4497
OpenStack Compute (nova) Fix released, assigned to John Garbutt
Bug #1073569: Jenkins jobs fail because of incompatibility between sqlalchemy-migrate and the newest sqlalchemy-0.8.0b1 CVE-2012-4573
CVE-2012-5563
CVE-2012-5571
OpenStack Compute (nova) Fix released (unassigned)
Bug #1073600: Compute manager doesn't update 'host' field when it tries to run a VM CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Édouard Thuleau
Bug #1073720: libvirt reboot sometimes fails to reattach volumes CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1073736: Calls to to_xml() to generate XML for a soft deleted flavor fail CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Rafi Khardalian
Bug #1073858: nova-api crashes if it is run with nobody account. CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Russell Bryant
Bug #1074437: disassociate_floating_ip with multi_host=True fails CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Brian Waldon
Bug #1075017: libvirt imagecache still runs even if disabled CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Michael Still
Bug #1075018: libvirt imagecache should handle shared image storage CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Michael Still
Bug #1075859: use_single_default_gateway does not function correctly CVE-2012-5625
CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to Joe Breu
Bug #1076308: Logging CPU incompatibility when attempting live migration fails CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Darren Worrall
Bug #1078085: Nova does not delete the LV on LVM backed VMs CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Yaguang Tang
Bug #1078718: Fixed IP isn't released before updating DHCP host file CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Édouard Thuleau
Bug #1079113: disk path not exists when using LXC with libvirt_images_type=lvm CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Qiu Yu
Bug #1079387: 413 error code doesn't always provide Retry-After CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Sean Dague
Bug #1079745: Essex 2012.1.3 : Error deleting instance with 2 Nova Volumes attached CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Invalid (unassigned)
Bug #1080406: DisassociateAddress can cause Internal Server Error CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Michael Still
Bug #1081436: Only return the last N lines of the console log CVE-2012-5625
OpenStack Compute (nova) Fix released, assigned to Michael Still
Bug #1081836: nova-compute (folsom) fails to start, compute_driver is None CVE-2012-5625
OpenStack Compute (nova) Invalid (unassigned)
Bug #1083818: Detached and deleted RBD volumes remain associated with instance CVE-2012-5625
OpenStack Compute (nova) Invalid (unassigned)
Bug #1091939: nova-network applies too liberal a SNAT rule CVE-2013-0208
CVE-2013-0335
CVE-2013-1664
CVE-2013-1838
OpenStack Compute (nova) Invalid (unassigned)
Bug #1100282: [OSSA 2013-004] DoS through XML entity expansion (CVE-2013-1664) CVE-2013-1664
OpenStack Compute (nova) Fix released, assigned to Dan Prince
Bug #1125378: [OSSA-2013-006] VNC proxy can be made to connect to wrong VM CVE-2013-0335
OpenStack Compute (nova) Fix released, assigned to John Herndon
Bug #1125468: [OSSA 2013-008] DOS by allocating all fixed ips CVE-2013-1838
OpenStack Compute (nova) Fix released, assigned to Michael Still
Bug #1129748: image files in _base should not be world-readable CVE-2013-0326
OpenStack Compute (nova) Opinion (unassigned)
Bug #1174608: [OSSA 2013-010] Insecure directory creation for signing CVE-2013-2030
OpenStack Compute (nova) Fix released, assigned to Russell Bryant
Bug #1177830: [OSSA 2013-012] Unchecked qcow2 root disk sizes CVE-2013-2096
OpenStack Compute (nova) Fix released, assigned to Chet Burgess
Bug #1184041: [OSSA 2013-020] Denial of Service in Nova network source security groups (CVE-2013-4185) CVE-2013-4185
OpenStack Compute (nova) Fix released, assigned to Vish Ishaya
Bug #1190229: [OSSA 2013-023] Potential unsafe XML usage (CVE-2013-4179, CVE-2013-4202) CVE-2013-4179
CVE-2013-4202
OpenStack Compute (nova) Fix released, assigned to Michael Still
Bug #1194093: [OSSA 2013-019] Resource limit circumvention in Nova private flavors (CVE-2013-2256) CVE-2013-2256
OpenStack Compute (nova) Fix released, assigned to Russell Bryant
Bug #1202266: [OSSA 2013-030] xenapi: secgroups are not in place after live-migration (CVE-2013-4497) CVE-2013-4497
OpenStack Compute (nova) Fix released, assigned to John Garbutt
Bug #1206081: [OSSA 2013-029] Unchecked qcow2 root disk sizes DoS CVE-2013-4463
CVE-2013-4469
OpenStack Compute (nova) Fix released, assigned to Pádraig Brady
Bug #1212179: [OSSA 2013-024] nova should check the is_public of flavor when creating an instance CVE-2013-4278
OpenStack Compute (nova) Fix released, assigned to Russell Bryant
Bug #1215091: [OSSA 2013-026] Some sequence of characters in console-log can DoS nova-compute (CVE-2013-4261) CVE-2013-4261
OpenStack Compute (nova) Invalid by Michael Still
Bug #1227027: [OSSA 2014-001] Insecure directory permissions with snapshot code (CVE-2013-7048) CVE-2013-7048
OpenStack Compute (nova) Fix released (unassigned)
Bug #1235450: [OSSA 2013-033] Metadata queries from Neutron to Nova are not restricted by tenant (CVE-2013-6419) CVE-2013-6419
OpenStack Compute (nova) Fix released, assigned to Aaron Rosen
Bug #1251590: [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130) CVE-2013-7130
OpenStack Compute (nova) Fix released, assigned to Nikola Đipanov
Bug #1253980: [OSSA 2013-037] DoS attack via setting os_type in snapshots (CVE-2013-6437) CVE-2013-6437
OpenStack Compute (nova) Fix released, assigned to moorryan
Bug #1269418: [OSSA 2014-017] nova rescue doesn't put VM into RESCUE status on vmware (CVE-2014-2573) CVE-2014-2573
OpenStack Compute (nova) Fix released, assigned to Gary Kotton
Bug #1290537: [OSSA 2014-011] RBAC policy not enforced when adding a security group rule using EC2 API (CVE-2014-0167) CVE-2014-0167
OpenStack Compute (nova) Fix released, assigned to Andrew Laski
Bug #1325128: [OSSA 2014-024] nova metadata does not use a constant time compare for validating an HMAC token (CVE-2014-3517) CVE-2014-3517
OpenStack Compute (nova) Fix released, assigned to Grant Murphy
Bug #1338830: [OSSA 2014-032] Nova VMware driver still leaks rescued images (CVE-2014-3608) CVE-2014-2573
CVE-2014-3608
OpenStack Compute (nova) Invalid by Andrew Laski
Bug #1341954: suds client subject to cache poisoning by local attacker CVE-2013-2217
OpenStack Compute (nova) Fix released, assigned to Davanum Srinivas (DIMS)
Bug #1343604: Exceptions thrown, and messages logged by execute() may include passwords (CVE-2014-7230) CVE-2014-7230
OpenStack Compute (nova) Fix released (unassigned)
Bug #1345233: Make the checks in strutils.mask_password more secure (CVE-2014-7231) CVE-2014-7231
OpenStack Compute (nova) Invalid (unassigned)
Bug #1357372: [oss-security] [OSSA 2014-035] Nova VMware driver may connect VNC to another tenant's console (CVE-2014-8750) CVE-2014-8750
OpenStack Compute (nova) Fix released, assigned to Gary Kotton
Bug #1358583: [OSSA 2014-038] List instances by IP results in DoS of nova-network (CVE-2014-3708) CVE-2014-3708
OpenStack Compute (nova) Fix released, assigned to Tristan Cacqueray
Bug #1374999: iSCSI volume detach does not correctly remove the multipath device descriptors CVE-2013-1068
OpenStack Compute (nova) Invalid (unassigned)
Bug #1377981: [OSSA 2014-036] Missing fix for ssh_execute (Exceptions thrown may contain passwords) (CVE-2014-7230, CVE-2014-7231) CVE-2014-7230
CVE-2014-7231
OpenStack Compute (nova) Fix released, assigned to Tristan Cacqueray
Bug #1387543: [OSSA 2015-015] Resize/delete combo allows to overload nova-compute (CVE-2015-3241) CVE-2015-3241
OpenStack Compute (nova) Fix released, assigned to Abhishek Kekane
Bug #1392527: [OSSA 2015-017] Deleting instance while resize instance is running leads to unusable compute nodes (CVE-2015-3280) CVE-2015-3280
OpenStack Compute (nova) Fix released, assigned to Tristan Cacqueray
Bug #1409142: [OSSA 2015-005] Websocket Hijacking Vulnerability in Nova VNC Server (CVE-2015-0259) CVE-2015-0259
OpenStack Compute (nova) Fix released, assigned to Dave McCowan
Bug #1415087: [OSSA 2015-011] Format-guessing and file disclosure in image convert (CVE-2015-1850, CVE-2015-1851) CVE-2015-1850
CVE-2015-1851
OpenStack Compute (nova) Invalid by Tony Breeds
Bug #1449062: [OSSA 2016-012] qemu-img calls need to be restricted by ulimit (CVE-2015-5162) CVE-2015-1850
CVE-2015-1851
CVE-2015-5162
OpenStack Compute (nova) Fix released, assigned to Daniel Berrange
Bug #1474079: Cross-site web socket connections fail on Origin and Host header mismatch CVE-2015-0259
OpenStack Compute (nova) Fix released, assigned to Mike Dorman
Bug #1516765: [OSSA 2016-002] xenapi: volume_utils._parse_volume_info can leak connection password via StorageError (CVE-2015-8749) CVE-2015-8749
OpenStack Compute (nova) Fix released, assigned to Matt Riedemann
Bug #1518016: [SRU] Nova kilo requires concurrency 1.8.2 or better CVE-2013-1068
OpenStack Compute (nova) Invalid (unassigned)
Bug #1524274: [OSSA 2016-001] Unprivileged api user can access host data using instance snapshot (CVE-2015-7548) CVE-2015-7548
OpenStack Compute (nova) Fix released, assigned to Matthew Booth
Bug #1529836: Fix deprecated library function (os.popen()). CVE-2016-0738
OpenStack Compute (nova) Fix released, assigned to Harshada Mangesh Kakad
Bug #1548450: [OSSA 2016-007] Host data leak during resize/migrate for raw-backed instances (CVE-2016-2140) CVE-2016-2140
OpenStack Compute (nova) Fix released, assigned to Lee Yarwood
Bug #1558697: [kilo] libvirt block migrations fail due to disk_info being an encoded JSON string CVE-2016-2140
OpenStack Compute (nova) Invalid (unassigned)
Bug #1589821: cleanup_incomplete_migrations periodic task regression with commit 099cf53 (CVE-2016-7498) CVE-2015-3280
CVE-2016-7498
OpenStack Compute (nova) Fix released, assigned to Matt Riedemann
Bug #1664931: [OSSA-2017-005] nova rebuild ignores all image properties and scheduler filters (CVE-2017-16239) CVE-2017-16239
OpenStack Compute (nova) Fix released, assigned to Matt Riedemann
Bug #1673569: [OSSA-2017-002] Failed notification payload is dumped in logs with auth secrets (CVE-2017-7214) CVE-2017-7214
OpenStack Compute (nova) Fix released, assigned to Balazs Gibizer
Bug #1732976: [OSSA-2017-006] Potential DoS by rebuilding the same instance with a new image multiple times (CVE-2017-17051) CVE-2017-16239
CVE-2017-17051
OpenStack Compute (nova) Fix released, assigned to Dan Smith
Bug #1739593: [OSSA-2018-001] Swapping encrypted volumes can lead to data loss and a possible compute host DOS attack (CVE-2017-18191) CVE-2017-18191
OpenStack Compute (nova) Fix released, assigned to Lee Yarwood