Denial of Service Vulnerability in OpenStack Nova Scheduler
CVE-2012-3371

Currently unrated

Key Information:

Vendor

Openstack
Status
Compute
Essex
Folsom
Vendor
CVE Published:
17 July 2012

What is CVE-2012-3371?

The Nova scheduler in OpenStack Compute is susceptible to a denial of service attack when specific filters are applied. This vulnerability allows remote authenticated users to exploit the system by sending requests containing numerous repeated IDs in the os:scheduler_hints section, resulting in excessive database lookup calls and potential server hang, impacting the overall performance of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/54388
vdb-entryx_refsource_BID
https://lists.launchpad.net/openstack/msg14452.html
mailing-listx_refsource_MLIST
https://bugs.launchpad.net/nova/+bug/1017795
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.