CVE 2015-3241
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
Related bugs and status
CVE-2015-3241 (Candidate) is related to these bugs:
Bug #1387543: [OSSA 2015-015] Resize/delete combo allows to overload nova-compute (CVE-2015-3241)
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1387543 | [OSSA 2015-015] Resize/delete combo allows to overload nova-compute (CVE-2015-3241) | OpenStack Compute (nova) | High | Fix Released | ||
| 1387543 | [OSSA 2015-015] Resize/delete combo allows to overload nova-compute (CVE-2015-3241) | OpenStack Security Advisory | Medium | Fix Released | ||
| 1387543 | [OSSA 2015-015] Resize/delete combo allows to overload nova-compute (CVE-2015-3241) | OpenStack Compute (nova) juno | Undecided | Fix Released | ||
| 1387543 | [OSSA 2015-015] Resize/delete combo allows to overload nova-compute (CVE-2015-3241) | OpenStack Compute (nova) kilo | Undecided | Fix Released | ||
Bug #1400881: Cannot rebuild a VM created from a Cinder volume backed by NetApp
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1400881 | Cannot rebuild a VM created from a Cinder volume backed by NetApp | OpenStack-Ansible | Medium | Fix Released | ||
| 1400881 | Cannot rebuild a VM created from a Cinder volume backed by NetApp | OpenStack-Ansible juno | Medium | Fix Released | ||
| 1400881 | Cannot rebuild a VM created from a Cinder volume backed by NetApp | OpenStack-Ansible kilo | Medium | Fix Released | ||
| 1400881 | Cannot rebuild a VM created from a Cinder volume backed by NetApp | OpenStack-Ansible trunk | Medium | Fix Released | ||
Bug #1466077: Resize/delete combo allows to overload nova-compute (CVE-2015-3241)
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1466077 | Resize/delete combo allows to overload nova-compute (CVE-2015-3241) | Mirantis OpenStack | High | Fix Released | ||
| 1466077 | Resize/delete combo allows to overload nova-compute (CVE-2015-3241) | Mirantis OpenStack 7.0.x | High | Fix Released | ||
| 1466077 | Resize/delete combo allows to overload nova-compute (CVE-2015-3241) | Mirantis OpenStack 6.1.x | High | Fix Released | ||
| 1466077 | Resize/delete combo allows to overload nova-compute (CVE-2015-3241) | Mirantis OpenStack 5.1.x | High | Fix Committed | ||
| 1466077 | Resize/delete combo allows to overload nova-compute (CVE-2015-3241) | Mirantis OpenStack 6.0.x | High | Fix Released | ||
Bug #1488315: The python-requests package is pulled in by apt via dependency
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1488315 | The python-requests package is pulled in by apt via dependency | OpenStack-Ansible | Undecided | Invalid | ||
| 1488315 | The python-requests package is pulled in by apt via dependency | OpenStack-Ansible trunk | Undecided | Invalid | ||
| 1488315 | The python-requests package is pulled in by apt via dependency | OpenStack-Ansible liberty | Undecided | Invalid | ||
Bug #1489947: heat config generation fails
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1489947 | heat config generation fails | OpenStack-Ansible | High | Fix Released | ||
| 1489947 | heat config generation fails | OpenStack-Ansible kilo | High | Fix Released | ||
| 1489947 | heat config generation fails | OpenStack-Ansible trunk | High | Fix Released | ||
| 1489947 | heat config generation fails | OpenStack-Ansible juno | High | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
