UBUNTU-CVE-2017-17051

See a problem?
Source
https://ubuntu.com/security/notices/UBUNTU-CVE-2017-17051
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-17051.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-17051
Related
Published
2017-12-05T00:00:00Z
Modified
2017-12-05T00:00:00Z
Severity
  • 8.6 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected.

References

Affected packages

Ubuntu:18.04:LTS / nova

Package

Name
nova
Purl
pkg:deb/ubuntu/nova@2:17.0.0~rc2-0ubuntu1?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:17.0.0~rc2-0ubuntu1

Affected versions

2:16.*

2:16.0.1-0ubuntu1
2:16.0.1-0ubuntu2

2:17.*

2:17.0.0~b1-0ubuntu1
2:17.0.0~b2-0ubuntu2
2:17.0.0~b3-0ubuntu3
2:17.0.0~b3-0ubuntu4
2:17.0.0~rc1-0ubuntu1

Ecosystem specific 

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "nova-api": "2:17.0.0~rc2-0ubuntu1",
            "nova-volume": "2:17.0.0~rc2-0ubuntu1",
            "nova-doc": "2:17.0.0~rc2-0ubuntu1",
            "nova-compute-lxc": "2:17.0.0~rc2-0ubuntu1",
            "nova-console": "2:17.0.0~rc2-0ubuntu1",
            "nova-novncproxy": "2:17.0.0~rc2-0ubuntu1",
            "nova-compute-libvirt": "2:17.0.0~rc2-0ubuntu1",
            "nova-compute-qemu": "2:17.0.0~rc2-0ubuntu1",
            "nova-xvpvncproxy": "2:17.0.0~rc2-0ubuntu1",
            "nova-api-os-compute": "2:17.0.0~rc2-0ubuntu1",
            "nova-compute-kvm": "2:17.0.0~rc2-0ubuntu1",
            "nova-ajax-console-proxy": "2:17.0.0~rc2-0ubuntu1",
            "nova-spiceproxy": "2:17.0.0~rc2-0ubuntu1",
            "nova-compute-vmware": "2:17.0.0~rc2-0ubuntu1",
            "nova-compute-xen": "2:17.0.0~rc2-0ubuntu1",
            "nova-network": "2:17.0.0~rc2-0ubuntu1",
            "nova-conductor": "2:17.0.0~rc2-0ubuntu1",
            "nova-compute": "2:17.0.0~rc2-0ubuntu1",
            "nova-scheduler": "2:17.0.0~rc2-0ubuntu1",
            "python-nova": "2:17.0.0~rc2-0ubuntu1",
            "nova-api-metadata": "2:17.0.0~rc2-0ubuntu1",
            "nova-common": "2:17.0.0~rc2-0ubuntu1",
            "nova-api-os-volume": "2:17.0.0~rc2-0ubuntu1",
            "nova-placement-api": "2:17.0.0~rc2-0ubuntu1",
            "nova-serialproxy": "2:17.0.0~rc2-0ubuntu1",
            "nova-cells": "2:17.0.0~rc2-0ubuntu1",
            "nova-consoleauth": "2:17.0.0~rc2-0ubuntu1"
        }
    ]
}