Your submission was sent successfully! Close

USN-1715-1: OpenStack Keystone vulnerability

5 February 2013

Keystone could be made to fill server disks with error messages.

Releases

Packages

Details

Dan Prince discovered that Keystone did not properly perform input
validation when handling certain error conditions. An unauthenticated user
could exploit this to cause a denial of service in Keystone API servers via
disk space exhaustion.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.10
Ubuntu 12.04

In general, a standard system update will make all the necessary changes.

References