30 Apr 2012
OpenStack Compute (Nova) 2012.x
DoS (Denial of Service)
This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.
A vulnerability has been reported in OpenStack Compute (Nova), which can be exploited by malicious users to cause a DoS (Denial of Service).
The vulnerability is caused due to the application not enforcing quotas on the number of security group rules created. This can be exploited to create multiple iptables rules and exhaust system resources.
The vulnerability is reported in version 2012.1. Other versions may also be affected.
Fixed in the GIT repository.
Red Hat credits Dan Prince.