Message-ID: <521DF711.8030704@openstack.org>
Date: Wed, 28 Aug 2013 10:11:45 -0300
From: Thierry Carrez <thierry@...nstack.org>
To: Open Source Security <oss-security@...ts.openwall.com>
Subject: [OSSA 2013-024] Resource limit circumvention in Nova private flavors (CVE-2013-4278)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

OpenStack Security Advisory: 2013-024
CVE: CVE-2013-4278
Date: August 28, 2013
Title: Resource limit circumvention in Nova private flavors
Reporter: Ken'ichi Ohmichi (NEC)
Products: Nova
Affects: All versions

Description:
Ken'ichi Ohmichi from NEC reported that the fix for OSSA 2013-019
(CVE-2013-2256) was incomplete. Any tenant was still able to boot any
other tenant's private flavors by guessing a flavor ID. This potentially
allowed circumvention of any resource limits enforced through the
os-flavor-access:is_public property.

Havana (development branch) fix:
https://review.openstack.org/#/c/42922/

Grizzly fix:
https://review.openstack.org/#/c/43281/

Folsom fix:
https://review.openstack.org/#/c/43296/

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4278
https://bugs.launchpad.net/nova/+bug/1212179

Regards,

- -- 
Thierry Carrez
OpenStack Vulnerability Management Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCAAGBQJSHfcRAAoJEFB6+JAlsQQjpvQP/j1I8/ZNLxCB14BBIYOio9Ra
ZIWcHAEwlZG0z0AtN2YACBnE/kXXu5lCy4fmQ8tQWpPAicKFp5zzFTBnz4Pt9BiD
KtcDHe9keOfmGfIo1dWCZ3UIZt3dmoAuN0BDnS3XZpniufeczZDw3HInQJD17nn1
yrdHIZBt+0SL/wRRGQYcHy8e5EdCD2a2MNEsbYqDqptgBRHL51hUhRyxX8LMEtOI
LsCOvLqnBwOgUlkgRKtkKaYRwxAvHaD3JejWveNqlFXIf6i+j+jrPCophaAYOvTT
ET2pmtEbY4yA6Os64yLALFm01I3L4fYeph4FMo7V96PYU13Xfda4Fql4trKzIwxq
8NCRYMrEyM1Tqi8rjyMA4ed4N3QU83ZHjDYpUO2cz8cH2KNMGCIDuLDoLXIyFOs+
rskNXzVIbQSi0iCS1I0bFfCevOjOyDral+tXW/0bXoRZiIAytq0jWPbr9rC5jmGt
w7PXlW5g94pn6somugggfQTYcO1OawGXcTz+5wfjvadSk+RCY0hdHSwcw3DcuRoY
UsZulKplYN/STawQ0ZoM8vqz1QnbcqNw5asRfSXRZ0j38Y7ZrLBUuNWS9bQJ1rN6
ZYy6cf5uNDkOEsiQu9JuG+CsZUz05GZPgclM+HHjGIatUneKfAm8fqfzPASPsTaX
Crc4E9EcihvoDeqISjdQ
=UGXf
-----END PGP SIGNATURE-----
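The flaw the advisory describes is a missing authorization check: looking a flavor up by ID alone lets any project use a private flavor whose ID it knows or guesses, so the resource limits attached to os-flavor-access:is_public are not enforced at boot time. The following is an added illustrative model, not Nova's code and not the linked fixes; the flavor table, project IDs and function names are constructed for the illustration. It places the unchecked lookup beside a hardened lookup that requires the caller's project to be on a private flavor's access list, and makes "unknown" and "not visible to you" fail identically so the response does not confirm that a guessed ID exists.

```python
"""Illustrative model of the authorization check behind OSSA 2013-024.

Added example, not Nova's code. Flavor IDs, project IDs and helper names
are constructed for the illustration.
"""
from dataclasses import dataclass, field


class FlavorNotFound(Exception):
    """Raised when a flavor is unknown or not visible to the caller."""


@dataclass
class Flavor:
    flavor_id: str
    name: str
    vcpus: int
    ram_mb: int
    is_public: bool = True                   # models os-flavor-access:is_public
    access: set = field(default_factory=set)  # project IDs granted access


# Constructed sample flavor table: one public flavor and one private flavor
# that only project "tenant-a" has been granted access to.
FLAVORS = {
    "1": Flavor("1", "m1.small", vcpus=1, ram_mb=2048),
    "42": Flavor("42", "big.private", vcpus=32, ram_mb=262144,
                 is_public=False, access={"tenant-a"}),
}


def get_flavor_by_id_unchecked(flavor_id: str) -> Flavor:
    """Lookup by ID only. Any project that knows or guesses "42" receives the
    private flavor: this is the gap the advisory describes."""
    try:
        return FLAVORS[flavor_id]
    except KeyError:
        raise FlavorNotFound(flavor_id) from None


def get_flavor_for_project(flavor_id: str, project_id: str) -> Flavor:
    """Hardened lookup: a private flavor is returned only to projects on its
    access list. Unknown and inaccessible flavors raise the same error so the
    caller cannot distinguish "no such ID" from "exists but not yours"."""
    flavor = FLAVORS.get(flavor_id)
    if flavor is None or (not flavor.is_public and project_id not in flavor.access):
        raise FlavorNotFound(flavor_id)
    return flavor


def can_boot(flavor_id: str, project_id: str) -> bool:
    """Boot-time authorization: True only if the project may use the flavor."""
    try:
        get_flavor_for_project(flavor_id, project_id)
    except FlavorNotFound:
        return False
    return True


def visible_flavors(project_id: str) -> list:
    """Listing must apply the same rule as boot; filtering the list while
    leaving the by-ID path unchecked is exactly the incomplete-fix pattern."""
    return [f.flavor_id for f in FLAVORS.values()
            if f.is_public or project_id in f.access]
```

The point to carry into review of any similar fix is that every code path that resolves a flavor for use (boot, resize, listing, show) must go through the same access check; restricting the listing while leaving the by-ID lookup unchecked leaves the limits enforceable only by the secrecy of an ID.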