CVE-2016-7498

Published: Sep 27, 2016Modified: May 6, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

OpenStack Compute (nova) 13.0.0 does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state. NOTE: this vulnerability exists because of a CVE-2015-3280 regression.

Affected (1)

Products: Openstack: Compute (nova)

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Openstack Compute (nova)	Version 13.0.0

Related CWEs

References (8)

http://www.openwall.com/lists/oss-security/2016/09/21/8

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2016/09/23/1

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/93068

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://security.openstack.org/ossa/OSSA-2016-011.html

Source: secalert@redhat.com

PatchVendor Advisory

http://www.openwall.com/lists/oss-security/2016/09/21/8

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2016/09/23/1

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/93068

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://security.openstack.org/ossa/OSSA-2016-011.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.