Comment 8 for bug 1338830

Grant Murphy (gmurphy) wrote : Re: Potential incomplete fix for OSSA 2014-017

Draft impact description -

Title: Nova VMWare driver leaks rescued images - incomplete fix
Reporter: Garth Mollett (Red Hat)
Products: Nova
Versions: from 2013.2 to 2013.2.3, and 2014.1 versions up to 2014.1.1

Description:
Garth Mollett from Red Hat reported an incomplete fix to CVE-2014-2573, a vulnerability affecting Nova. If an authenticated user places an instance into rescue and then issues a suspend command, it will cause the instance to enter an ERROR state. Nova does not clean up an instance in this state correctly upon deletion. An attacker can use this to launch a denial of service attack. Only setups using the Nova VMWare driver are affected by this flaw.