UBUNTU-CVE-2017-17051

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2017-17051
Published: 05 Dec 2017, 00:00
Last modified:16 Jul 2025, 07:36

Vulnerability Summary

Overall Risk (default)
medium
34/100
CVSS Score
8.6 HIGH
3.0 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

05 Dec 2017, 00:00
Published
Vulnerability first disclosed
16 Jul 2025, 07:36
Last Modified
Vulnerability information updated

Description

An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected.

CVSS Metrics

  • v3.0HIGHScore: 8.6CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Affected Systems

  • ubuntunova

    < 2:17.0.0~rc2-0ubuntu1

References (4)