Denial of Service Vulnerability in OpenStack Compute by OpenStack
CVE-2015-3241

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
8 September 2015

Summary

OpenStack Compute (nova) allows remote authenticated users to exploit a flaw in the instance deletion process while the migration function is active. By resizing and subsequently deleting an instance, users can inadvertently consume excessive disk, network, and other resources, leading to a denial of service condition. This vulnerability affects several versions of nova, allowing targeted attacks that can degrade system performance and availability.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.