Denial of Service in OpenStack Nova Due to VNIC Type Manipulation
CVE-2022-37394
3.3LOW
Summary
A vulnerability in OpenStack Nova allows authenticated users to exploit the vnic_type parameter when creating a neutron port. Specifically, by creating a port with direct vnic_type and subsequently changing the port's vnic_type to macvtap after binding an instance, users can trigger a failure in the compute service’s restart process. This can lead to a denial of service, particularly affecting Nova deployments configured with SR-IOV, showcasing the need for caution in configuration and management practices.
References
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved