1
Candidate: CVE-2017-16239
2
CRD: 2017-11-14 15:00:00 UTC
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16239
6
https://security.openstack.org/ossa/OSSA-2017-005.html
8
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through
9
16.0.2, by rebuilding an instance, an authenticated user may be able to
10
circumvent the Filter Scheduler bypassing imposed filters (for example, the
11
ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova
12
Filter Scheduler are affected. Because of the regression described in
13
Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10,
14
a 15.x version after 15.0.8, or a 16.x version after 16.0.3.
17
mdeslaur> regression fix: http://www.openwall.com/lists/oss-security/2017/12/05/4
19
https://launchpad.net/bugs/1664931
21
Discovered-by: George Shuklin
25
upstream_nova: needs-triage
27
trusty_nova: not-affected (code not present)
29
zesty_nova: ignored (reached end-of-life)
30
artful_nova: not-affected (16.0.3-0ubuntu1)
31
bionic_nova: not-affected (2:17.0.0~rc2-0ubuntu1)
32
devel_nova: not-affected (2:17.0.0~rc2-0ubuntu1)