Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | nova | < 2012.1-2 | nova_2012.1-2_all.deb |
Debian | 11 | all | nova | < 2012.1-2 | nova_2012.1-2_all.deb |
Debian | 10 | all | nova | < 2012.1-2 | nova_2012.1-2_all.deb |
Debian | 999 | all | nova | < 2012.1-2 | nova_2012.1-2_all.deb |