Bug 989707 - (CVE-2013-4179) CVE-2013-4179 OpenStack: Nova XML entities DoS
CVE-2013-4179 OpenStack: Nova XML entities DoS
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20130808,repor...
: Security
: 973520 976208 (view as bug list)
Depends On: 991629 995171 995172 995173 995180
Blocks: 973515 989760
  Show dependency treegraph
 
Reported: 2013-07-29 14:25 EDT by Kurt Seifried
Modified: 2016-04-26 09:34 EDT (History)
15 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-11-06 00:52:48 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
nova-grizzly-CVE-2013-4179.patch (9.46 KB, patch)
2013-08-03 01:00 EDT, Kurt Seifried
no flags Details | Diff
nova-master-CVE-2013-4179.patch (9.05 KB, patch)
2013-08-03 01:01 EDT, Kurt Seifried
no flags Details | Diff

  None (edit)
Description Kurt Seifried 2013-07-29 14:25:29 EDT
Thierry Carrez (thierry@openstack.org) reports:

Title: Denial of Service using XML entities in Nova/Cinder extensions
Reporter: Grant Murphy (Red Hat)
Products: Nova, Cinder
Affects: Grizzly

Description:
Grant Murphy from Red Hat reported that vulnerabilities in XML request
parsers were not fully patched in OSSA 2013-004. By leveraging XML
entity expansion in specific extensions, an unauthenticated attacker
may still consume excessive resources on the Nova or Cinder API
servers, resulting in a denial of service and potentially a crash.
Only Nova setups making use of the security group extension in Grizzly
are affected. Only Cinder setups making use of the backups or volume
transfer API extension in Grizzly are affected.

References:
https://bugs.launchpad.net/cinder/+bug/1190229
Comment 1 Kurt Seifried 2013-08-03 00:53:52 EDT
Please note that this was originally assigned a	single CVE. It has since
been split into two CVE's (CVE-2013-4179 continues to be used for Nova and CVE-2013-4202 should be used for Cinder).
Comment 4 Kurt Seifried 2013-08-03 01:00:52 EDT
Created attachment 782219 [details]
nova-grizzly-CVE-2013-4179.patch
Comment 5 Kurt Seifried 2013-08-03 01:01:29 EDT
Created attachment 782220 [details]
nova-master-CVE-2013-4179.patch
Comment 6 Kurt Seifried 2013-08-07 22:04:24 EDT
*** Bug 976208 has been marked as a duplicate of this bug. ***
Comment 7 Kurt Seifried 2013-08-07 22:07:10 EDT
*** Bug 973520 has been marked as a duplicate of this bug. ***
Comment 9 Kurt Seifried 2013-08-08 13:29:03 EDT
Created openstack-nova tracking bugs for this issue:

Affects: fedora-all [bug 995172]
Affects: epel-6 [bug 995173]
Comment 11 Murray McAllister 2013-09-03 00:50:09 EDT
Acknowledgements:

This issue was discovered by Grant Murphy of the Red Hat Product Security Team.
Comment 12 errata-xmlrpc 2013-09-03 16:19:31 EDT
This issue has been addressed in following products:

  OpenStack 3 for RHEL 6

Via RHSA-2013:1199 https://rhn.redhat.com/errata/RHSA-2013-1199.html

Note You need to log in before you can comment on or make changes to this bug.