{"id":"PYSEC-2012-36","details":"OpenStack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.","aliases":["CVE-2012-2101","GHSA-hq3f-9gf7-73r8"],"modified":"2026-06-10T17:02:25.767479886Z","published":"2012-06-07T19:55:00Z","withdrawn":"2024-11-22T04:37:04Z","references":[{"type":"WEB","url":"https://lists.launchpad.net/openstack/msg10268.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/49034"},{"type":"ADVISORY","url":"http://secunia.com/advisories/49048"},{"type":"FIX","url":"https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb"},{"type":"FIX","url":"https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64"},{"type":"WEB","url":"http://ubuntu.com/usn/usn-1438-1"},{"type":"WEB","url":"https://bugs.launchpad.net/nova/+bug/969545"},{"type":"FIX","url":"https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7"},{"type":"WEB","url":"http://www.osvdb.org/81641"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/75243"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-hq3f-9gf7-73r8"}],"affected":[{"package":{"name":"nova","ecosystem":"PyPI","purl":"pkg:pypi/nova"},"ranges":[{"type":"GIT","repo":"https://github.com/openstack/nova","events":[{"introduced":"0"},{"fixed":"8c8735a73afb16d5856f0aa6088e9ae406c52beb"},{"fixed":"a67db4586f70ed881d65e80035b2a25be195ce64"},{"fixed":"1f644d210557b1254f7c7b39424b09a45329ade7"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["15.1.5","16.1.6","16.1.7","16
.1.8","17.0.10","17.0.11","17.0.12","17.0.13","17.0.7","17.0.8","17.0.9","18.0.2","18.0.3","18.1.0","18.2.0","18.2.1","18.2.2","18.2.3","18.3.0","19.0.0","19.0.0.0rc1","19.0.0.0rc2","19.0.1","19.0.2","19.0.3","19.1.0","19.2.0","19.3.0","19.3.1","19.3.2","20.0.0","20.0.0.0rc1","20.0.0.0rc2","20.0.1","20.1.0","20.1.1","20.2.0","20.3.0","20.4.0","20.4.1","20.5.0","20.6.0","20.6.1","21.0.0","21.0.0.0rc1","21.0.0.0rc2","21.1.0","21.1.1","21.1.2","21.2.0","21.2.1","21.2.2","21.2.3","21.2.4","22.0.0","22.0.0.0rc1","22.0.1","22.1.0","22.2.0","22.2.1","22.2.2","22.3.0","22.4.0","23.0.0","23.0.0.0rc1","23.0.0.0rc2","23.0.1","23.0.2","23.1.0","23.2.0","23.2.1","23.2.2","24.0.0","24.0.0.0rc1","24.0.0.0rc2","24.1.0","24.1.1","24.2.0","24.2.1","25.0.0","25.0.0.0rc1","25.0.1","25.1.0","25.1.1","25.2.0","25.2.1","25.3.0","26.0.0","26.0.0.0rc1","26.0.0.0rc2","26.1.0","26.1.1","26.2.0","26.2.1","26.2.2","26.3.0","27.0.0","27.0.0.0rc1","27.1.0","27.2.0","27.3.0","27.4.0","27.5.0","27.5.1","28.0.0","28.0.0.0rc1","28.0.1","28.1.0","28.2.0","28.3.0","28.3.1","29.0.0","29.0.0.0rc1","29.0.1","29.0.2","29.1.0","29.2.0","29.2.1","29.2.2","29.3.0","29.4.0","30.0.0","30.0.0.0rc1","30.1.0","30.2.0","30.2.1","30.3.0","31.0.0","31.0.0.0rc1","31.0.1","31.1.0","31.2.0","31.3.0","32.0.0","32.0.0.0rc1","32.1.0","32.2.0","33.0.0","33.0.0.0rc1","33.0.1","essex-rc4","2012.1","essex-rc3","essex-rc2","essex-rc1","2011.3.1","essex-1","2011.3","diablo-4","diablo-3","diablo-2","diablo-1","2011.2","2011.2rc1","2011.2gamma1","2011.1rc1","2011.1","2010.1","0.9.0"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/nova/PYSEC-2012-36.yaml"}}],"schema_version":"1.7.5"}