CVE-2015-3280

Related Files

Ubuntu Security Notice USN-3449-1

Posted Oct 11, 2017

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3449-1 - George Shuklin discovered that OpenStack Nova incorrectly handled the migration process. A remote authenticated user could use this issue to consume resources, resulting in a denial of service. George Shuklin and Tushar Patil discovered that OpenStack Nova incorrectly handled deleting instances. A remote authenticated user could use this issue to consume disk resources, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2015-3241, CVE-2015-3280, CVE-2015-5162, CVE-2015-7548, CVE-2015-7713, CVE-2015-8749, CVE-2016-2140

SHA-256 | a1c121127571465465556c60817389564c88cc2b4526a38cad3b673cd9b43192

Download | Favorite | View

Red Hat Security Advisory 2015-1898-01

Posted Oct 16, 2015

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1898-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. A denial of service flaw was found in the OpenStack Compute instance migration process. Because the migration process does not terminate when an instance is deleted, an authenticated user could bypass user quota and deplete all available disk space by repeatedly re-sizing and deleting an instance.

tags | advisory, denial of service

systems | linux, redhat

advisories | CVE-2015-3241, CVE-2015-3280

SHA-256 | a22d3e6289d7cd90e8f02bfa0154496060866ce687902ebc6127863544d4adf6

Download | Favorite | View