Showing 1 - 3 of 3

CVE-2015-3241

Status Candidate

Overview

OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.

Related Files

Ubuntu Security Notice USN-3449-1: Posted Oct 11, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3449-1 - George Shuklin discovered that OpenStack Nova incorrectly handled the migration process. A remote authenticated user could use this issue to consume resources, resulting in a denial of service. George Shuklin and Tushar Patil discovered that OpenStack Nova incorrectly handled deleting instances. A remote authenticated user could use this issue to consume disk resources, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2015-3241, CVE-2015-3280, CVE-2015-5162, CVE-2015-7548, CVE-2015-7713, CVE-2015-8749, CVE-2016-2140; SHA-256 | a1c121127571465465556c60817389564c88cc2b4526a38cad3b673cd9b43192; Download | Favorite | View

Red Hat Security Advisory 2015-1898-01: Posted Oct 16, 2015; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2015-1898-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. A denial of service flaw was found in the OpenStack Compute instance migration process. Because the migration process does not terminate when an instance is deleted, an authenticated user could bypass user quota and deplete all available disk space by repeatedly re-sizing and deleting an instance.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2015-3241, CVE-2015-3280; SHA-256 | a22d3e6289d7cd90e8f02bfa0154496060866ce687902ebc6127863544d4adf6; Download | Favorite | View

Red Hat Security Advisory 2015-1723-01: Posted Sep 4, 2015; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2015-1723-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. A denial of service flaw was found in the OpenStack Compute instance migration process. Because the migration process does not terminate when an instance is deleted, an authenticated user could bypass user quota and deplete all available disk space by repeatedly re-sizing and deleting an instance.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2015-3241; SHA-256 | 269739fb4eed0939a3fe5bb0e77cba50b89e6fbd83789e3bbbb4575bef7aba78; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 240 files
indoushka 173 files
Jay Turla 150 files
Ubuntu 78 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,123)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,209)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,823)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,848)
UNIX (9,455)
UnixWare (188)
Windows (6,772)
Other

CVE-2015-3241

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems