OSSA-2013-019: Resource limit circumvention in Nova private flavors

OSSA-2013-019: Resource limit circumvention in Nova private flavors¶

Date:: August 06, 2013
CVE:: CVE-2013-2256

Affects¶

Nova: All versions

Description¶

hzrandd from NetEase reported a resource limit circumvention vulnerability in Nova’s handling of private flavors. Any tenant is able to show and boot any other tenant’s private flavors by guessing a flavor ID. This not only exposes the flavor’s name, memory and disk size, swap allocation, VCPU count and similar flavor properties, but potentially allows circumvention of any resource limits enforced through the os-flavor-access:is_public property.

Patches¶

https://review.openstack.org/#/c/38318 (Folsom)
https://review.openstack.org/#/c/37992 (Grizzly)
https://review.openstack.org/#/c/34963 (Havana)

Credits¶

hzrandd from NetEase (CVE-2013-2256)

References¶

this page last updated: 2024-03-18 15:52:07

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.