OSSA-2014-038: Nova network DoS through API filtering

OSSA-2014-038: Nova network DoS through API filtering¶

Date:: October 28, 2014
CVE:: CVE-2014-3708

Affects¶

Nova: up to 2014.1.3, and 2014.2

Description¶

Mohammed Naser from Vexxhost reported a vulnerability in Nova API filters. By listing active servers using an ip filter, an authenticated user may overload nova-network or neutron-server process, resulting in a denial of services. All Nova setups are affected.

Patches¶

https://review.openstack.org/131461 (Icehouse)
https://review.openstack.org/131462 (Juno)
https://review.openstack.org/131460 (Kilo)

Credits¶

Mohammed Naser from Vexxhost (CVE-2014-3708)

References¶

this page last updated: 2024-03-18 15:52:07

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.