Comment 20 for bug 1732976
Revision history for this message
| Jeremy Stanley (fungi) wrote Re: Potential DoS by rebuilding the same instance with a new image multiple times | #20 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Thanks for the corrections! Updated impact description follows...
Title: Nova FilterScheduler doubles resource allocations during rebuild with new image
Reporter: Matt Riedemann (Huawei)
Products: Nova
Affects: 16.0.3
Description:
Matt Riedemann from Huawei reported a vulnerability in OpenStack Nova's default FilterScheduler. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239), however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected.