Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2012-2101

Published: 19 April 2012

Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.

Priority

Medium

Status

Package Release Status
nova
Launchpad, Ubuntu, Debian 		hardy Does not exist

lucid Does not exist

natty Ignored
(end of life)
oneiric
Released (2011.3-0ubuntu6.6)
precise
Released (2012.1-0ubuntu2.1)
quantal
Released (2012.1-0ubuntu2.1)
upstream Needs triage

Patches:
upstream: https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64
upstream: https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading