Headline
CVE-2015-3241: Red Hat Customer Portal - Access to 24x7 support and knowledge
A denial of service flaw was found in the OpenStack Compute (nova) instance migration process. Because the migration process does not terminate when an instance is deleted, an authenticated user could bypass user quota and deplete all available disk space by repeatedly re-sizing and deleting an instance.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- OpenShift Dev Spaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2015-09-03
Updated:
2015-09-03
RHSA-2015:1723 - Security Advisory
- Overview
- Updated Packages
Synopsis
Moderate: openstack-nova security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
Updated openstack-nova packages that fix one security issue are now
available for Red Hat Enterprise Linux OpenStack Platform 7.0.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Description
OpenStack Compute (nova) launches and schedules large networks of virtual
machines, creating a redundant and scalable cloud computing platform.
Compute provides the software, control panels, and APIs required to
orchestrate a cloud, including running virtual machine instances and
controlling access through users and projects.
A denial of service flaw was found in the OpenStack Compute (nova) instance
migration process. Because the migration process does not terminate when an
instance is deleted, an authenticated user could bypass user quota and
deplete all available disk space by repeatedly re-sizing and deleting an
instance. (CVE-2015-3241)
Red Hat would like to thank the OpenStack project for reporting this
issue. Upstream acknowledges George Shuklin of Webzilla LTD as the
original reporter.
All openstack-nova users are advised to upgrade to these updated packages,
which correct this issue.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
- Red Hat OpenStack 7 x86_64
Fixes
- BZ - 1232782 - CVE-2015-3241 openstack-nova: Nova instance migration process does not stop when instance is deleted
Red Hat OpenStack 7
SRPM
openstack-nova-2015.1.0-18.el7ost.src.rpm
SHA-256: aaa831f33009b7c839e20d9e0f8730c3c50f5793cad5139c788b81b14fdfe8b5
x86_64
openstack-nova-2015.1.0-18.el7ost.noarch.rpm
SHA-256: ab65277d8c1dc52702ac926e4cc936bef8890659c3dc90a6c5e43b8854e71461
openstack-nova-api-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 553d32d655384fad3546fb7af0372b908df747929cd4bb1ae92bd77705d6f3fb
openstack-nova-cells-2015.1.0-18.el7ost.noarch.rpm
SHA-256: c6f14deba7062a5912a6b1fe9dab858969d1a0d020bc6c2022409510d6a6ab2b
openstack-nova-cert-2015.1.0-18.el7ost.noarch.rpm
SHA-256: ae8aa52f7dc62e2af6537175c21e334836d8e2749622a86fa36ea521559ad06e
openstack-nova-common-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 22aeedb9e216c3dbe0bd74b21511f63a9023b629431ac4f1523a2784bf87317b
openstack-nova-compute-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 6ee28fb2c802d0c808718de7db27211e8f5f1c0921c647ca09f21028907f9f9d
openstack-nova-conductor-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 496108df61ff4419721a403f02b99a61724870f5565f4cf75fc0c9d0ecbc7600
openstack-nova-console-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 43cbdc7a0fe00e3fba9e023e0617b3a0e87ebf7563b6c7fa962e70ebc1bda9e3
openstack-nova-doc-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 204351d15a3cc62f821e89ff70ded323617f1823aa9b4b7f38aeb0b3829be630
openstack-nova-network-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 137958876bbcb9015519f47aca2c613d613b35388ada1bd4f59c9f953ae6649e
openstack-nova-novncproxy-2015.1.0-18.el7ost.noarch.rpm
SHA-256: fdf05935328269700ff8925f3b79aee0c17f62a6c8cca4df198fd061b0bc36c1
openstack-nova-objectstore-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 764a530a7a5c37179041633cac99dc85fa1832486a601eb25074e43a957a36f9
openstack-nova-scheduler-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 4058dc16c3717e7df144139149be1507970f4ec231a6a617af284dad86bf9c99
openstack-nova-serialproxy-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 385b2abb592d0bad9f44594b7166cec031d9d9431d9a36d1471235cc0b607d71
openstack-nova-spicehtml5proxy-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 4128d7a1d382455ff2b0298710b9fc2304ff324ee5ca90d788d59e4b52ab7237
python-nova-2015.1.0-18.el7ost.noarch.rpm
SHA-256: 8d67ef198d2897e82aaa2c19b7f38b9d2e333993101acf03b2371e5a795f800f
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.