Adds OSSA-2017-006 (CVE-2017-17051)
Change-Id: I6110a60e10afb6cad11ec19156a27362c0c1ec2f Related-Bug: #1732976
This commit is contained in:
parent
ab54ce232d
commit
e2283a6b9e
|
@ -0,0 +1,39 @@
|
|||
date: 2017-12-05
|
||||
|
||||
id: OSSA-2017-006
|
||||
|
||||
title: >
|
||||
Nova FilterScheduler doubles resource allocations during rebuild with new
|
||||
image
|
||||
|
||||
description: >
|
||||
Matt Riedemann from Huawei reported a vulnerability in OpenStack Nova's
|
||||
default FilterScheduler. By repeatedly rebuilding an instance with new
|
||||
images, an authenticated user may consume untracked resources on a hypervisor
|
||||
host leading to a denial of service. This regression was introduced with the
|
||||
fix for OSSA-2017-005 (CVE-2017-16239), however, only Nova stable/pike or
|
||||
later deployments with that fix applied and relying on the default
|
||||
FilterScheduler are affected.
|
||||
|
||||
affected-products:
|
||||
- product: nova
|
||||
version: "==16.0.3"
|
||||
|
||||
vulnerabilities:
|
||||
- cve-id: CVE-2017-17051
|
||||
|
||||
reporters:
|
||||
- name: Matt Riedemann
|
||||
affiliation: Huawei
|
||||
reported:
|
||||
- CVE-2017-17051
|
||||
|
||||
issues:
|
||||
links:
|
||||
- https://launchpad.net/bugs/1732976
|
||||
|
||||
reviews:
|
||||
queens:
|
||||
- https://review.openstack.org/521662
|
||||
pike:
|
||||
- https://review.openstack.org/523214
|
Loading…
Reference in New Issue