CVE-2015-3280: OpenStack Compute (nova) allows remote authenticated users to cause a denial of service
(updated )
A flaw was found in the way OpenStack Compute (nova) handled the resize state. If an authenticated user deleted an instance while it was in the resize state, it could cause the original instance to not be deleted from the compute node it was running on, allowing the user to cause a denial of service.
References
- rhn.redhat.com/errata/RHSA-2015-1898.html
- www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- access.redhat.com/errata/RHSA-2015:1898
- access.redhat.com/security/cve/CVE-2015-3280
- bugzilla.redhat.com/show_bug.cgi?id=1257942
- github.com/advisories/GHSA-mfmj-gwg3-vhw7
- launchpad.net/bugs/1392527
- nvd.nist.gov/vuln/detail/CVE-2015-3280
- security.openstack.org/ossa/OSSA-2015-017.html
- web.archive.org/web/20200228023247/http://www.securityfocus.com/bid/76553
Detect and mitigate CVE-2015-3280 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →