CVE-2017-17051
Summary
| CVE | CVE-2017-17051 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-12-05 18:29:00 UTC |
| Updated | 2019-10-03 00:03:00 UTC |
| Description | An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected. |
Risk And Classification
Problem Types: CWE-400
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Gerrit Code Review | CONFIRM | review.openstack.org | Vendor Advisory |
| Bug #1732976 “[OSSA-2017-006] Potential DoS by rebuilding the sa...” : Bugs : OpenStack Compute (nova) | CONFIRM | launchpad.net | Issue Tracking, Third Party Advisory |
| OSSA-2017-006: Nova FilterScheduler doubles resource allocations during rebuild with new image — openstack-security-advisories 2014.2.0.dev144 documentation | CONFIRM | security.openstack.org | Vendor Advisory |
| OpenStack Nova CVE-2017-17051 Incomplete Fix Denial of Service Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Gerrit Code Review | CONFIRM | review.openstack.org | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.