RHEL 7 : openstack-nova (RHSA-2018:0241)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0241 advisory. OpenStack Compute nova launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute...

RHEL 7 : openstack-nova and python-novaclient (RHSA-2018:0369)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0369 advisory. OpenStack Compute nova launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute...

OpenStack Nova DoS by rebuilding the same instance with a new image multiple times

An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was...

Security Bulletin: IBM Cloud Manager with OpenStack is affected by an OpenStack Nova vulnerability

Summary A security vulnerability has been identified in OpenStack Nova that is used by IBM Cloud Manager with OpenStack. This vulnerability only affects IBM Cloud Manager with OpenStack version that ships kilo version of OpenStack. IBM Cloud Manager with OpenStack has addressed these...

Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update

An update for openstack-nova is now available for Red Hat OpenStack Platform 12.0 Pike. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

[SECURITY] [DSA 4056-1] nova security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4056-1 [email protected] https://www.debian.org/security/ Sebastien Delafond December 07, 2017 https://www.debian.org/security/faq -...

Default credentials

An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was...

SUSE-SU-2017:3080-1 Security update for openstack-nova

This update for openstack-nova brings the latest version provided by the OpenStack upstream project including the following security fix: - CVE-2017-16239: Filter Scheduler bypass through rebuild action bsc1066198...

CVE-2017-16239

CVE-2017-16239 affects OpenStack Nova: when rebuilding an instance, authenticated users may bypass the Filter Scheduler (e.g., ImagePropertiesFilter, IsolatedHostsFilter), affecting all setups using the Nova Filter Scheduler across 14.x, 15.x, and 16.x branches. Root cause is a regression that al...