Red Hat Bugzilla – Bug 989755
CVE-2013-4180 Foreman: hosts_controller.rb power/ipmi_boot Symbol creation DoS
Last modified: 2016-04-26 18:10:34 EDT
Marek Hulan (firstname.lastname@example.org) reports:
I found a DoS bug in foreman. The problem is in converting a user input into a
symbol. Since MRI garbage collector does not free any instantiated symbol any
authenticated user can create inputs to consume all system memory. Memory
consumption is linear (input size = consumed memory amount) and every input
must be unique. Since the input comes from HTTP request via method PUT it's
not hard to send large portion of data at a time. Basically an attacker is
just limited by HTTP protocol and server configuration.
This issue was discovered by Marek Hulán of the Red Hat Foreman team.
Fixed in upstream
This issue has been addressed in following products:
OpenStack 3 for RHEL 6
Via RHSA-2013:1196 https://rhn.redhat.com/errata/RHSA-2013-1196.html