Showing 1 - 3 of 3

CVE-2015-3241

Status Candidate

Overview

OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.

Related Files

Ubuntu Security Notice USN-3449-1: Posted Oct 11, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3449-1 - George Shuklin discovered that OpenStack Nova incorrectly handled the migration process. A remote authenticated user could use this issue to consume resources, resulting in a denial of service. George Shuklin and Tushar Patil discovered that OpenStack Nova incorrectly handled deleting instances. A remote authenticated user could use this issue to consume disk resources, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2015-3241, CVE-2015-3280, CVE-2015-5162, CVE-2015-7548, CVE-2015-7713, CVE-2015-8749, CVE-2016-2140; SHA-256 | a1c121127571465465556c60817389564c88cc2b4526a38cad3b673cd9b43192; Download | Favorite | View

Red Hat Security Advisory 2015-1898-01: Posted Oct 16, 2015; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2015-1898-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. A denial of service flaw was found in the OpenStack Compute instance migration process. Because the migration process does not terminate when an instance is deleted, an authenticated user could bypass user quota and deplete all available disk space by repeatedly re-sizing and deleting an instance.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2015-3241, CVE-2015-3280; SHA-256 | a22d3e6289d7cd90e8f02bfa0154496060866ce687902ebc6127863544d4adf6; Download | Favorite | View

Red Hat Security Advisory 2015-1723-01: Posted Sep 4, 2015; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2015-1723-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. A denial of service flaw was found in the OpenStack Compute instance migration process. Because the migration process does not terminate when an instance is deleted, an authenticated user could bypass user quota and deplete all available disk space by repeatedly re-sizing and deleting an instance.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2015-3241; SHA-256 | 269739fb4eed0939a3fe5bb0e77cba50b89e6fbd83789e3bbbb4575bef7aba78; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 235 files
Ubuntu 50 files
Debian 19 files
LiquidWorm 15 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2015-3241

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems