Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 21 Sep 2016 12:29:50 -0400 (EDT)
From: cve-assign@...re.org
To: tdecacqu@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request for vulnerability in OpenStack Nova

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> Title: Nova may fail to delete images in resize state regression
> Affects: ==13.0.0
> 
> If an
> authenticated user deletes an instance while it is in resize state, it
> will cause the original instance to not be deleted from the compute node
> it was running on. An attacker can use this to launch a denial of
> service attack. All Nova setups are affected.
> 
> This bug is similar to OSSA-2015-017 (CVE-2015-3280) and was
> re-introduced in the first release of Mitaka version of Nova and it was
> re-fixed in nova-13.1.0.
> 
> https://launchpad.net/bugs/1589821

>> cleanup_incomplete_migrations periodic task regression with commit
>> 099cf53925c0a0275325339f21932273ee9ce2bc

>> This reverts commit 099cf53925c0a0275325339f21932273ee9ce2bc.

Use CVE-2016-7498.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJX4rTJAAoJEHb/MwWLVhi2XbYQAJyHRL8m6k3pOx7KnR0yhb3r
UaUcM8iKeJlbL218NgqOcMt0TEhwq6MmhWAWWoa6ptVoVGuriZuuzEXA9QcrgEIU
GF2PEN5umuD6XDP2kqg7InlP1DkGyCU4j5nu4vqg5h31oxuxedQ2kROzUUZbeDew
6fyMpay+suYOTc2eQaP86kTqrx69B/zm0K1agR49Z1dDF/+B0J/HiPAXV+3tmwRy
XfbtQyZwIfLF4wbFmPZVMYuUZqXZhM0piRdFwmkjTiF3Wkf5neo50+qZnU3N8g7b
izWhpemQ+LhZdPEiS2XX7xB+xhZHyGxDrBXdEsf4dEc2NdpjQ4vr/fgk4c41XCvM
2DTtNQLAiTfq5P5KoFS0loAkzTH4H3IRk9iBA9ta2bK6IdDN9arZOwAdxXEgx8Ju
gdoGqGcX9dKrIqo7EMB8u2cM6pdz4BZQqJw6ceXXjBcc+ai46C+6NqwMlTnyYLs2
7gFr6J/RqQpWfQDDZA2LzQbSEFzEJhR3J6eHO/0KuPGMzFVWcAWXJPa1b99ZwTjF
fcGD56XcbJROXbSb+kPxj7kw29k5/1rxaY4qXiWXpvsBXI4juLHH7l2lVMmlLXZ6
xmyNlBIEs/tE3xnj541xAVODZjYkYNiLqvwZaNk/TAiIJ5E85IIp+Eg9r0+OxpuH
kh4a4OUoAvv//hPZkckh
=b3GM
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ