CVE-2015-3280

Priority
Medium
Description
OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before
2015.1.2 (kilo) does not properly delete instances from compute nodes,
which allows remote authenticated users to cause a denial of service (disk
consumption) by deleting instances while in the resize state.
References
Bugs
Assigned-to
mdeslaur
Package
Source: nova (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):not-affected (2:12.0.0-0ubuntu2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:2014.1.5-0ubuntu1.7)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (2:12.0.0-0ubuntu2)
Ubuntu 17.04 (Zesty Zapus):not-affected (2:12.0.0-0ubuntu2)
Patches:
Upstream:https://review.openstack.org/219301 (Juno)
Upstream:https://review.openstack.org/219300 (Kilo)
Upstream:https://review.openstack.org/219299 (Liberty)
More Information

Updated: 2017-10-11 14:14:41 UTC (commit 13496)