Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30893
HistoryJun 19, 2014 - 12:00 a.m.

[oss-security] [OSSA 2014-017] Nova VMWare driver leaks rescued images (CVE-2014-2573)

2014-06-1900:00:00
vulners.com
22
JSON

OpenStack Security Advisory: 2014-017
CVE: CVE-2014-2573
Date: May 29, 2014
Title: Nova VMWare driver leaks rescued images
Reporter: Jaroslav Henner (Red Hat)
Products: Nova
Versions: from 2013.2 to 2013.2.3, and 2014.1

Description:
Jaroslav Henner from Red Hat reported a vulnerability in Nova. By
requesting Nova place an image into rescue, then deleting the image,
an authenticated user my exceed their quota. This can result in a
denial of service via excessive resource consumption. Only setups
using the Nova VMWare driver are affected.

Juno (development branch) fix:
https://review.openstack.org/75788
https://review.openstack.org/80284

Icehouse fix:
https://review.openstack.org/88514
https://review.openstack.org/89217

Havana fix:
https://review.openstack.org/89762
https://review.openstack.org/89768

Notes:
This fix will be included in the juno-1 development milestone and in
future 2013.2.4 and 2014.1.1 releases.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2573
https://launchpad.net/bugs/1269418

– Jeremy Stanley OpenStack Vulnerability Management Team

Related

debiancve 2
cve 2
ubuntucve 2
prion 2
seebug 1
veracode 1
osv 1
nessus 1
github 1
redhat 2
securityvulns 1
debiancve
debiancve
CVE-2014-2573
2014-03-25 16:55:00
CVE-2014-3608
2014-10-06 14:55:00
cve
cve
CVE-2014-2573
2014-03-25 16:55:00
CVE-2014-3608
2014-10-06 14:55:00
ubuntucve
ubuntucve
CVE-2014-2573
2014-03-25 00:00:00
CVE-2014-3608
2014-10-06 00:00:00
prion
prion
Design/Logic Flaw
2014-03-25 16:55:00
Design/Logic Flaw
2014-10-06 14:55:00
seebug
seebug
OpenStack Compute (Nova) VMWare驱动配额限制绕过拒绝服务漏洞
2014-03-27 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:02:52
osv
osv
OpenStack Compute (Nova)'s VMWare driver vulnerable to denial of service
2022-05-14 01:58:45
nessus
nessus
Oracle Solaris Third-Party Patch Update : nova (multiple_vulnerabilities_in_nova)
2015-01-19 00:00:00
github
github
OpenStack Compute (Nova)'s VMWare driver vulnerable to denial of service
2022-05-14 01:58:45
redhat
redhat
(RHSA-2014:1782) Important: openstack-nova security, bug fix, and enhancement update
2014-11-03 08:21:32
(RHSA-2014:1781) Important: openstack-nova security, bug fix, and enhancement update
2014-11-03 08:20:52
securityvulns
securityvulns
OpenStack multiple security vulnerabilities
2014-06-19 00:00:00
JSON
Related for SECURITYVULNS:DOC:30893
debiancve2cve2ubuntucve2prion2seebug1veracode1osv1nessus1github1redhat2securityvulns1