Synopsis

Moderate: openstack-nova security update

Type/Severity

Security Advisory: Moderate

Topic

Updated openstack-nova packages that fix one security issue are now
available for Red Hat Enterprise Linux OpenStack Platform 7.0.

Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

Description

OpenStack Compute (nova) launches and schedules large networks of virtual
machines, creating a redundant and scalable cloud computing platform.
Compute provides the software, control panels, and APIs required to
orchestrate a cloud, including running virtual machine instances and
controlling access through users and projects.

A denial of service flaw was found in the OpenStack Compute (nova) instance
migration process. Because the migration process does not terminate when an
instance is deleted, an authenticated user could bypass user quota and
deplete all available disk space by repeatedly re-sizing and deleting an
instance. (CVE-2015-3241)

Red Hat would like to thank the OpenStack project for reporting this
issue. Upstream acknowledges George Shuklin of Webzilla LTD as the
original reporter.

All openstack-nova users are advised to upgrade to these updated packages,
which correct this issue.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat OpenStack 7 x86_64

Fixes

• BZ - 1232782 - CVE-2015-3241 openstack-nova: Nova instance migration process does not stop when instance is deleted

CVEs

• CVE-2015-3241

References

• http://www.redhat.com/security/updates/classification/#normal

Red Hat OpenStack 7

SRPM
openstack-nova-2015.1.0-18.el7ost.src.rpm	SHA-256: aaa831f33009b7c839e20d9e0f8730c3c50f5793cad5139c788b81b14fdfe8b5
x86_64
openstack-nova-2015.1.0-18.el7ost.noarch.rpm	SHA-256: ab65277d8c1dc52702ac926e4cc936bef8890659c3dc90a6c5e43b8854e71461
openstack-nova-api-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 553d32d655384fad3546fb7af0372b908df747929cd4bb1ae92bd77705d6f3fb
openstack-nova-cells-2015.1.0-18.el7ost.noarch.rpm	SHA-256: c6f14deba7062a5912a6b1fe9dab858969d1a0d020bc6c2022409510d6a6ab2b
openstack-nova-cert-2015.1.0-18.el7ost.noarch.rpm	SHA-256: ae8aa52f7dc62e2af6537175c21e334836d8e2749622a86fa36ea521559ad06e
openstack-nova-common-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 22aeedb9e216c3dbe0bd74b21511f63a9023b629431ac4f1523a2784bf87317b
openstack-nova-compute-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 6ee28fb2c802d0c808718de7db27211e8f5f1c0921c647ca09f21028907f9f9d
openstack-nova-conductor-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 496108df61ff4419721a403f02b99a61724870f5565f4cf75fc0c9d0ecbc7600
openstack-nova-console-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 43cbdc7a0fe00e3fba9e023e0617b3a0e87ebf7563b6c7fa962e70ebc1bda9e3
openstack-nova-doc-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 204351d15a3cc62f821e89ff70ded323617f1823aa9b4b7f38aeb0b3829be630
openstack-nova-network-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 137958876bbcb9015519f47aca2c613d613b35388ada1bd4f59c9f953ae6649e
openstack-nova-novncproxy-2015.1.0-18.el7ost.noarch.rpm	SHA-256: fdf05935328269700ff8925f3b79aee0c17f62a6c8cca4df198fd061b0bc36c1
openstack-nova-objectstore-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 764a530a7a5c37179041633cac99dc85fa1832486a601eb25074e43a957a36f9
openstack-nova-scheduler-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 4058dc16c3717e7df144139149be1507970f4ec231a6a617af284dad86bf9c99
openstack-nova-serialproxy-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 385b2abb592d0bad9f44594b7166cec031d9d9431d9a36d1471235cc0b607d71
openstack-nova-spicehtml5proxy-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 4128d7a1d382455ff2b0298710b9fc2304ff324ee5ca90d788d59e4b52ab7237
python-nova-2015.1.0-18.el7ost.noarch.rpm	SHA-256: 8d67ef198d2897e82aaa2c19b7f38b9d2e333993101acf03b2371e5a795f800f