OpenStack Compute (nova)

  1. Series ocata
  2. Bug #1799298
  3. Comment #4

Comment 4 for bug 1799298

Revision history for this message
Summer Long (slong-g) wrote :

Hi, a Red Hat customer is now seeing this issue with DoS as result. Reproduce by:
1.add 128 properties to an image
2.add 128 metadata
3.Max out the user_data

Result: 1Gb of data transfer is then allowed, creating huge load and instability on the system.

Because of the DoS, RH sees this as a security issue/CVE (CWE-400).