oss-sec mailing list archives
[OSSA 2013-024] Resource limit circumvention in Nova private flavors (CVE-2013-4278)
From: Thierry Carrez <thierry () openstack org>
Date: Wed, 28 Aug 2013 10:11:45 -0300
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenStack Security Advisory: 2013-024 CVE: CVE-2013-4278 Date: August 28, 2013 Title: Resource limit circumvention in Nova private flavors Reporter: Ken'ichi Ohmichi (NEC) Products: Nova Affects: All versions Description: Ken'ichi Ohmichi from NEC reported that the fix for OSSA 2013-019 (CVE-2013-2256) was incomplete. Any tenant was still able to boot any other tenant's private flavors by guessing a flavor ID. This potentially allowed circumvention of any resource limits enforced through the os-flavor-access:is_public property. Havana (development branch) fix: https://review.openstack.org/#/c/42922/ Grizzly fix: https://review.openstack.org/#/c/43281/ Folsom fix: https://review.openstack.org/#/c/43296/ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4278 https://bugs.launchpad.net/nova/+bug/1212179 Regards, - -- Thierry Carrez OpenStack Vulnerability Management Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJSHfcRAAoJEFB6+JAlsQQjpvQP/j1I8/ZNLxCB14BBIYOio9Ra ZIWcHAEwlZG0z0AtN2YACBnE/kXXu5lCy4fmQ8tQWpPAicKFp5zzFTBnz4Pt9BiD KtcDHe9keOfmGfIo1dWCZ3UIZt3dmoAuN0BDnS3XZpniufeczZDw3HInQJD17nn1 yrdHIZBt+0SL/wRRGQYcHy8e5EdCD2a2MNEsbYqDqptgBRHL51hUhRyxX8LMEtOI LsCOvLqnBwOgUlkgRKtkKaYRwxAvHaD3JejWveNqlFXIf6i+j+jrPCophaAYOvTT ET2pmtEbY4yA6Os64yLALFm01I3L4fYeph4FMo7V96PYU13Xfda4Fql4trKzIwxq 8NCRYMrEyM1Tqi8rjyMA4ed4N3QU83ZHjDYpUO2cz8cH2KNMGCIDuLDoLXIyFOs+ rskNXzVIbQSi0iCS1I0bFfCevOjOyDral+tXW/0bXoRZiIAytq0jWPbr9rC5jmGt w7PXlW5g94pn6somugggfQTYcO1OawGXcTz+5wfjvadSk+RCY0hdHSwcw3DcuRoY UsZulKplYN/STawQ0ZoM8vqz1QnbcqNw5asRfSXRZ0j38Y7ZrLBUuNWS9bQJ1rN6 ZYy6cf5uNDkOEsiQu9JuG+CsZUz05GZPgclM+HHjGIatUneKfAm8fqfzPASPsTaX Crc4E9EcihvoDeqISjdQ =UGXf -----END PGP SIGNATURE-----
Current thread:
- [OSSA 2013-024] Resource limit circumvention in Nova private flavors (CVE-2013-4278) Thierry Carrez (Aug 28)