CVE-2012-2101
Published: 19 April 2012
Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.
Priority
Status
Package | Release | Status |
---|---|---|
nova Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Released
(2011.3-0ubuntu6.6)
|
|
precise |
Released
(2012.1-0ubuntu2.1)
|
|
quantal |
Released
(2012.1-0ubuntu2.1)
|
|
upstream |
Needs triage
|
|
Patches: upstream: https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64 upstream: https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb |