LOW
GHSA-hq3f-9gf7-73r8
Openstack Compute (Nova) Denial of service via network request that triggers large number of iptables rules
상세
Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
참고
- https://nvd.nist.gov/vuln/detail/CVE-2012-2101 [ADVISORY]
- https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7 [WEB]
- https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb [WEB]
- https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64 [WEB]
- https://bugs.launchpad.net/nova/+bug/969545 [WEB]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75243 [WEB]
- https://github.com/openstack/nova [PACKAGE]
- https://github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2012-36.yaml [WEB]
- https://lists.launchpad.net/openstack/msg10268.html [WEB]
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html [WEB]
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html [WEB]
- http://ubuntu.com/usn/usn-1438-1 [WEB]