OSSA-2013-019: Resource limit circumvention in Nova private flavors¶
August 06, 2013
Nova: All versions
hzrandd from NetEase reported a resource limit circumvention vulnerability in Nova’s handling of private flavors. Any tenant is able to show and boot any other tenant’s private flavors by guessing a flavor ID. This not only exposes the flavor’s name, memory and disk size, swap allocation, VCPU count and similar flavor properties, but potentially allows circumvention of any resource limits enforced through the os-flavor-access:is_public property.
hzrandd from NetEase (CVE-2013-2256)