Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2018:2332 - Security Advisory
Issued:
2018-08-20
Updated:
2018-08-20

RHSA-2018:2332 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: openstack-nova security, bug fix, and enhancement update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openstack-nova is now available for Red Hat OpenStack
Platform 12.0 (Pike).

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

Description

OpenStack Compute (nova) launches and schedules large networks of virtual
machines, creating a redundant and scalable cloud computing platform.
Compute provides the software, control panels, and APIs required to
orchestrate a cloud, including running virtual machine instances and
controlling access through users and projects.

The following packages have been upgraded to a later upstream version:
openstack-nova (16.1.4). (BZ#1591212)

Security Fix(es):

  • openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host (CVE-2017-18191)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

For more information about the bug fixes and enhancements included with this update, see the "Technical Notes" section of the Release Notes
linked in the References section.

Solution

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenStack for IBM Power 12 ppc64le
  • Red Hat OpenStack 12 x86_64

Fixes

  • BZ - 1516271 - [RHOS-12.0.z] Add RPM deps to require install of qemu-kvm-rhev, not qemu-kvm-rhel
  • BZ - 1537047 - Bug in log output in hardware.py "Not enough available memory to schedule instance" prints full memory instead of available memory
  • BZ - 1539703 - By rebuilding twice with the same "forbidden" image one can circumvent scheduler rebuild restrictions
  • BZ - 1546937 - CVE-2017-18191 openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host
  • BZ - 1547578 - Nova assumes that a volume is fully detached from the compute if the volume is not defined in the instance's libvirt definition
  • BZ - 1556851 - Instance hard reboots fail due to a TimeoutException being thrown waiting for vif-plugged events from Neutron
  • BZ - 1557938 - [BACKPORT Request] Nova returns a traceback when it's unable to detach a volume still in use
  • BZ - 1558706 - [OSP 12] nova get-password returns blank line
  • BZ - 1569955 - preallocate_images = space is not honoured when using qcow2
  • BZ - 1570314 - When creating a stack with not enough resource, volumes remain in attaching
  • BZ - 1572836 - nova-compute should log messages about stale resource allocations at warning priority
  • BZ - 1573799 - Fix setting tx_queue_size when rx_queue_size is not set
  • BZ - 1575985 - Duplicate imports of oslo_config types
  • BZ - 1579785 - On split-stack setups, left over node information prevents a node from rejoin the cloud
  • BZ - 1590514 - Rebase openstack-nova to aa7714c
  • BZ - 1591212 - Rebase openstack-nova to 16.1.4
  • BZ - 1591296 - [RHOS-12][rebase] Lift the restriction on choices for `cpu_model_extra_flags` config attribute

CVEs

  • CVE-2017-18191

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/12/html/release_notes/
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack for IBM Power 12

SRPM
openstack-nova-16.1.4-6.el7ost.src.rpm SHA-256: ee29b5dac0a915d89ce406fee490a79abbab46ecb4e467684eb7f165fbd28474
ppc64le
openstack-nova-16.1.4-6.el7ost.noarch.rpm SHA-256: cee0046956f17241a09ebab9eb7d673e78626e3f4eead69e9641374a0d17210f
openstack-nova-api-16.1.4-6.el7ost.noarch.rpm SHA-256: 5599fa1b53fea1ec3b78c0eb2c17d114e2afafa2fba6a070c78b30fbd6f28a05
openstack-nova-cells-16.1.4-6.el7ost.noarch.rpm SHA-256: afb823186617c0128435fcafc9d963d6b379361a5e2e6f9e773234083764d0f7
openstack-nova-common-16.1.4-6.el7ost.noarch.rpm SHA-256: 2b0215e2e6b521696db06632af696252b086403ad601a609843c4759cf3f7d5e
openstack-nova-compute-16.1.4-6.el7ost.noarch.rpm SHA-256: 97b0062c414a8042a67090f99a5c20c54a0341b87418275cb6c2755b426bc592
openstack-nova-conductor-16.1.4-6.el7ost.noarch.rpm SHA-256: 74f0c260e913713d20218110a0d4ff303c90d8fb66ea35f498d033305a510c81
openstack-nova-console-16.1.4-6.el7ost.noarch.rpm SHA-256: 3d162b987202cd75691d8e8f35ec42c3264f164fb5739dad83d523e5f214f5cb
openstack-nova-migration-16.1.4-6.el7ost.noarch.rpm SHA-256: bf51fca0d32ab0228d658f2a459a4c83c35ea3a5a43941aa578e5c7c293ff2aa
openstack-nova-network-16.1.4-6.el7ost.noarch.rpm SHA-256: a8319b3e5deaf6aecd0ebbdc187853009305b52f0709f2f68a6278afaff9e155
openstack-nova-novncproxy-16.1.4-6.el7ost.noarch.rpm SHA-256: e303d5d5d27dce972997dcc7de9957de78f57ba5df4e8d58cb94bc11643225c8
openstack-nova-placement-api-16.1.4-6.el7ost.noarch.rpm SHA-256: 91369e3eb1298eca95080f6918f1c04e8c377b8fedd91201f6afbfe0bba96b01
openstack-nova-scheduler-16.1.4-6.el7ost.noarch.rpm SHA-256: e551a61544572c9f93cc4ec466ee9f7c612f269b94c84080d8785ad1f2a09936
openstack-nova-serialproxy-16.1.4-6.el7ost.noarch.rpm SHA-256: 903e925e05efab51095af66fbc4680e8d69bd263c16a7c568d494b05f8216973
openstack-nova-spicehtml5proxy-16.1.4-6.el7ost.noarch.rpm SHA-256: ec3c36227d25251993d924f81c5c4c41065e890fd8ec02f6cf4beb4e7611a471
python-nova-16.1.4-6.el7ost.noarch.rpm SHA-256: 3f6c03102884de2c5b84cb165f73dbc294fce794b6aec5c8f17e2a64b2ac2fdc
python-nova-tests-16.1.4-6.el7ost.noarch.rpm SHA-256: e61c8f83c7e68852e56b63d936aaaef86ed4e57693e9ec2e8e80f7d982604bfb

Red Hat OpenStack 12

SRPM
openstack-nova-16.1.4-6.el7ost.src.rpm SHA-256: ee29b5dac0a915d89ce406fee490a79abbab46ecb4e467684eb7f165fbd28474
x86_64
openstack-nova-16.1.4-6.el7ost.noarch.rpm SHA-256: cee0046956f17241a09ebab9eb7d673e78626e3f4eead69e9641374a0d17210f
openstack-nova-api-16.1.4-6.el7ost.noarch.rpm SHA-256: 5599fa1b53fea1ec3b78c0eb2c17d114e2afafa2fba6a070c78b30fbd6f28a05
openstack-nova-cells-16.1.4-6.el7ost.noarch.rpm SHA-256: afb823186617c0128435fcafc9d963d6b379361a5e2e6f9e773234083764d0f7
openstack-nova-common-16.1.4-6.el7ost.noarch.rpm SHA-256: 2b0215e2e6b521696db06632af696252b086403ad601a609843c4759cf3f7d5e
openstack-nova-compute-16.1.4-6.el7ost.noarch.rpm SHA-256: 97b0062c414a8042a67090f99a5c20c54a0341b87418275cb6c2755b426bc592
openstack-nova-conductor-16.1.4-6.el7ost.noarch.rpm SHA-256: 74f0c260e913713d20218110a0d4ff303c90d8fb66ea35f498d033305a510c81
openstack-nova-console-16.1.4-6.el7ost.noarch.rpm SHA-256: 3d162b987202cd75691d8e8f35ec42c3264f164fb5739dad83d523e5f214f5cb
openstack-nova-migration-16.1.4-6.el7ost.noarch.rpm SHA-256: bf51fca0d32ab0228d658f2a459a4c83c35ea3a5a43941aa578e5c7c293ff2aa
openstack-nova-network-16.1.4-6.el7ost.noarch.rpm SHA-256: a8319b3e5deaf6aecd0ebbdc187853009305b52f0709f2f68a6278afaff9e155
openstack-nova-novncproxy-16.1.4-6.el7ost.noarch.rpm SHA-256: e303d5d5d27dce972997dcc7de9957de78f57ba5df4e8d58cb94bc11643225c8
openstack-nova-placement-api-16.1.4-6.el7ost.noarch.rpm SHA-256: 91369e3eb1298eca95080f6918f1c04e8c377b8fedd91201f6afbfe0bba96b01
openstack-nova-scheduler-16.1.4-6.el7ost.noarch.rpm SHA-256: e551a61544572c9f93cc4ec466ee9f7c612f269b94c84080d8785ad1f2a09936
openstack-nova-serialproxy-16.1.4-6.el7ost.noarch.rpm SHA-256: 903e925e05efab51095af66fbc4680e8d69bd263c16a7c568d494b05f8216973
openstack-nova-spicehtml5proxy-16.1.4-6.el7ost.noarch.rpm SHA-256: ec3c36227d25251993d924f81c5c4c41065e890fd8ec02f6cf4beb4e7611a471
python-nova-16.1.4-6.el7ost.noarch.rpm SHA-256: 3f6c03102884de2c5b84cb165f73dbc294fce794b6aec5c8f17e2a64b2ac2fdc
python-nova-tests-16.1.4-6.el7ost.noarch.rpm SHA-256: e61c8f83c7e68852e56b63d936aaaef86ed4e57693e9ec2e8e80f7d982604bfb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility