[Openstack-devel] Bug#703064: CVE-2013-1838: Nova DoS by allocating all Fixed IPs

Thomas Goirand zigo at debian.org
Thu Mar 14 20:48:31 UTC 2013

Package: nova
Severity: grave
Tags: security

Vish Ishaya reported a vulnerability in Nova where there is no quota for
Fixed IPs. Previously the instance quota acted as a proxy for a Fixed IP
quota, but if your configuration allows an instance to consume more than
one Fixed IP via an extension such as multinic then this is no longer
true. Running out of Fixed IPs would result in not being able to spawn
new instances.

More information about the Openstack-devel mailing list