OpenStack Nova VMware instance leak potentially leading to compute DoS

GHSA-g63p-mfcm-54c4 · CVE-2014-8333

Published May 14, 2022 · Modified May 19, 2024

Description

The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2014-8333
WEB https://github.com/openstack/nova/commit/d71445c7d2d2921d10a08f82330f0ab8ef4f7df2
WEB https://github.com/openstack/nova/commit/e1f8664c9fa83f77f5bb763ffcc3157905ed954c
WEB https://bugs.launchpad.net/nova/+bug/1359138
PACKAGE https://github.com/openstack/nova
WEB http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html
WEB http://rhn.redhat.com/errata/RHSA-2015-0843.html
WEB http://rhn.redhat.com/errata/RHSA-2015-0844.html
WEB http://secunia.com/advisories/60531

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes