Bug 1183647 - (CVE-2014-9623) CVE-2014-9623 openstack-glance: user storage quota bypass
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware/OS: All Linux
Priority: low  Severity: low
Assigned To: Red Hat Product Security
Whiteboard: impact=low,public=20150116,reported=2...
Keywords: Security
Duplicates: 1117677
Depends On: 1187001 1187002 1187003 1192212 1192213
Blocks: 1183648
Reported: 2015-01-19 06:49 EST by Vasyl Kaigorodov
Modified: 2016-04-26 16:57 EDT (History)

Doc Type: Bug Fix
Doc Text:
A storage quota bypass flaw was found in OpenStack Image (glance). If an image was deleted while it was being uploaded, it would not count towards a user's quota. A malicious user could use this flaw to deliberately fill the backing store, and cause a denial of service.
Last Closed: 2015-04-17 03:28:22 EDT

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:0644 normal SHIPPED_LIVE Low: openstack-glance security and bug fix update 2015-03-05 19:28:55 EST
Red Hat Product Errata RHSA-2015:0837 normal SHIPPED_LIVE Low: openstack-glance security and bug fix update 2015-04-16 13:52:38 EDT
Red Hat Product Errata RHSA-2015:0838 normal SHIPPED_LIVE Low: openstack-glance security and bug fix update 2015-04-16 15:08:38 EDT

Description Vasyl Kaigorodov 2015-01-19 06:49:10 EST
Title: Glance user storage quota bypass
Reporter: Tushar Patil (NTT)
Products: Glance
Versions: up to 2014.1.3, and 2014.2 versions up to 2014.2.1

Description:
Tushar Patil from NTT reported a vulnerability in Glance. By deleting images
that are being uploaded, a malicious user can overcome the storage quota and
thus may overrun the backend. Images in deleted state are not taken into
account by quota and won't be effectively deleted until the upload is
completed. Only Glance setups configured with user_storage_quota are
affected.

References:
https://launchpad.net/bugs/1398830

Acknowledgements:

Red Hat would like to thank the OpenStack project for reporting this issue. Upstream acknowledges Tushar Patil of NTT as the original reporter.
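The accounting mistake described above, as a constructed Python simulation added here (not glance code; QuotaStore, begin_upload and the other names are hypothetical): the flawed variant skips deleted images even while their upload is still writing to the backing store, so repeated upload-then-delete grows the store past the quota, while the hardened variant keeps counting them until the upload ends.

```python
from dataclasses import dataclass

@dataclass
class Image:
    owner: str
    size: int            # bytes the image data occupies in the backing store
    status: str          # "saving" while uploading, later "active" or "deleted"
    upload_active: bool  # True until the upload finishes; bytes stay stored meanwhile

class QuotaStore:
    """Backing store with a per-user byte limit (stands in for user_storage_quota)."""
    def __init__(self, quota: int, count_inflight_deleted: bool):
        self.quota = quota
        # False reproduces the flaw: deleted-while-uploading images are not counted.
        self.count_inflight_deleted = count_inflight_deleted
        self.images: list[Image] = []

    def used_by(self, owner: str) -> int:
        total = 0
        for img in self.images:
            if img.owner != owner:
                continue
            if img.status == "deleted" and not (self.count_inflight_deleted and img.upload_active):
                continue  # flawed path: image ignored although its bytes are still in the store
            total += img.size
        return total

    def begin_upload(self, owner: str, size: int) -> Image:
        if self.used_by(owner) + size > self.quota:
            raise PermissionError(f"{owner}: {size} bytes would exceed quota {self.quota}")
        img = Image(owner, size, "saving", upload_active=True)
        self.images.append(img)
        return img

    def delete_image(self, img: Image) -> None:
        img.status = "deleted"  # marked deleted, but data is only purged once the upload ends

    def backend_bytes(self) -> int:
        return sum(i.size for i in self.images if i.upload_active or i.status != "deleted")

def run_scenario(count_inflight_deleted: bool, quota: int = 100, attempts: int = 3) -> tuple[int, int]:
    """Start an 80-byte upload, delete it mid-flight, repeat; return (uploads accepted, bytes held)."""
    store = QuotaStore(quota, count_inflight_deleted)
    accepted = 0
    for _ in range(attempts):
        try:
            img = store.begin_upload("alice", 80)
        except PermissionError:
            break
        accepted += 1
        store.delete_image(img)  # upload still in flight, so its 80 bytes remain in the store
    return accepted, store.backend_bytes()
```

With a quota of 100 bytes, `run_scenario(False)` accepts all three uploads and leaves 240 bytes in the store, whereas `run_scenario(True)` rejects the second upload and holds 80.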
Comment 1 Kurt Seifried 2015-01-23 15:18:52 EST
Patches:

Kilo (development branch) fix:
https://review.openstack.org/144464

Juno fix:
https://review.openstack.org/149387

Icehouse fix:
https://review.openstack.org/149646
Comment 9 Flavio Percoco 2015-01-29 09:48:57 EST
*** Bug 1117677 has been marked as a duplicate of this bug. ***
Comment 14 errata-xmlrpc 2015-03-05 14:30:45 EST
This issue has been addressed in the following products:

  OpenStack 6 for RHEL 7

Via RHSA-2015:0644 https://rhn.redhat.com/errata/RHSA-2015-0644.html
Comment 15 errata-xmlrpc 2015-04-16 09:58:37 EDT
This issue has been addressed in the following products:

  OpenStack 5 for RHEL 7

Via RHSA-2015:0837 https://rhn.redhat.com/errata/RHSA-2015-0837.html
Comment 16 errata-xmlrpc 2015-04-16 11:09:03 EDT
This issue has been addressed in the following products:

  OpenStack 5 for RHEL 6

Via RHSA-2015:0838 https://rhn.redhat.com/errata/RHSA-2015-0838.html
