[Openstack-devel] Bug#703064: CVE-2013-1838: Nova DoS by allocating all Fixed IPs

[Thomas Goirand]

Package: nova
Severity: grave
Tags: security

Vish Ishaya reported a vulnerability in Nova where there is no quota for
Fixed IPs. Previously the instance quota acted as a proxy for a Fixed IP
quota, but if your configuration allows an instance to consume more than
one Fixed IP via an extension such as multinic then this is no longer
true. Running out of Fixed IPs would result in not being able to spawn
new instances.