========================================================================== Ubuntu Security Notice USN-8434-1 June 16, 2026
nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Nova could be made to bypass resource accounting. Software Description: - nova: OpenStack Compute cloud infrastructure Details: It was discovered that Nova did not strip internal _nova-prefixed scheduler hints supplied by users on instance creation. An attacker could possibly use this issue to bypass Placement resource claims and scheduling constraint enforcement. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS nova-ajax-console-proxy 3:33.0.0-0ubuntu3.1 nova-api 3:33.0.0-0ubuntu3.1 nova-api-metadata 3:33.0.0-0ubuntu3.1 nova-api-os-compute 3:33.0.0-0ubuntu3.1 nova-api-os-volume 3:33.0.0-0ubuntu3.1 nova-cells 3:33.0.0-0ubuntu3.1 nova-common 3:33.0.0-0ubuntu3.1 nova-compute 3:33.0.0-0ubuntu3.1 nova-compute-ironic 3:33.0.0-0ubuntu3.1 nova-compute-kvm 3:33.0.0-0ubuntu3.1 nova-compute-libvirt 3:33.0.0-0ubuntu3.1 nova-compute-lxc 3:33.0.0-0ubuntu3.1 nova-compute-qemu 3:33.0.0-0ubuntu3.1 nova-compute-vmware 3:33.0.0-0ubuntu3.1 nova-compute-xen 3:33.0.0-0ubuntu3.1 nova-conductor 3:33.0.0-0ubuntu3.1 nova-doc 3:33.0.0-0ubuntu3.1 nova-novncproxy 3:33.0.0-0ubuntu3.1 nova-scheduler 3:33.0.0-0ubuntu3.1 nova-serialproxy 3:33.0.0-0ubuntu3.1 nova-spiceproxy 3:33.0.0-0ubuntu3.1 nova-volume 3:33.0.0-0ubuntu3.1 python3-nova 3:33.0.0-0ubuntu3.1 Ubuntu 25.10 nova-ajax-console-proxy 3:32.0.0-0ubuntu1.3 nova-api 3:32.0.0-0ubuntu1.3 nova-api-metadata 3:32.0.0-0ubuntu1.3 nova-api-os-compute 3:32.0.0-0ubuntu1.3 nova-api-os-volume 3:32.0.0-0ubuntu1.3 nova-cells 3:32.0.0-0ubuntu1.3 nova-common 3:32.0.0-0ubuntu1.3 nova-compute 3:32.0.0-0ubuntu1.3 nova-compute-ironic 3:32.0.0-0ubuntu1.3 nova-compute-kvm 3:32.0.0-0ubuntu1.3 nova-compute-libvirt 3:32.0.0-0ubuntu1.3 nova-compute-lxc 3:32.0.0-0ubuntu1.3 nova-compute-qemu 3:32.0.0-0ubuntu1.3 nova-compute-vmware 3:32.0.0-0ubuntu1.3 nova-compute-xen 3:32.0.0-0ubuntu1.3 nova-conductor 3:32.0.0-0ubuntu1.3 nova-doc 3:32.0.0-0ubuntu1.3 nova-novncproxy 3:32.0.0-0ubuntu1.3 nova-scheduler 3:32.0.0-0ubuntu1.3 nova-serialproxy 3:32.0.0-0ubuntu1.3 nova-spiceproxy 3:32.0.0-0ubuntu1.3 nova-volume 3:32.0.0-0ubuntu1.3 python3-nova 3:32.0.0-0ubuntu1.3 Ubuntu 24.04 LTS nova-ajax-console-proxy 3:29.2.0-0ubuntu1.7 nova-api 3:29.2.0-0ubuntu1.7 nova-api-metadata 3:29.2.0-0ubuntu1.7 nova-api-os-compute 3:29.2.0-0ubuntu1.7 nova-api-os-volume 3:29.2.0-0ubuntu1.7 nova-cells 3:29.2.0-0ubuntu1.7 nova-common 3:29.2.0-0ubuntu1.7 nova-compute 3:29.2.0-0ubuntu1.7 nova-compute-ironic 3:29.2.0-0ubuntu1.7 nova-compute-kvm 3:29.2.0-0ubuntu1.7 nova-compute-libvirt 3:29.2.0-0ubuntu1.7 nova-compute-lxc 3:29.2.0-0ubuntu1.7 nova-compute-qemu 3:29.2.0-0ubuntu1.7 nova-compute-vmware 3:29.2.0-0ubuntu1.7 nova-compute-xen 3:29.2.0-0ubuntu1.7 nova-conductor 3:29.2.0-0ubuntu1.7 nova-doc 3:29.2.0-0ubuntu1.7 nova-novncproxy 3:29.2.0-0ubuntu1.7 nova-scheduler 3:29.2.0-0ubuntu1.7 nova-serialproxy 3:29.2.0-0ubuntu1.7 nova-spiceproxy 3:29.2.0-0ubuntu1.7 nova-volume 3:29.2.0-0ubuntu1.7 python3-nova 3:29.2.0-0ubuntu1.7 Ubuntu 22.04 LTS nova-ajax-console-proxy 3:25.2.1-0ubuntu2.11 nova-api 3:25.2.1-0ubuntu2.11 nova-api-metadata 3:25.2.1-0ubuntu2.11 nova-api-os-compute 3:25.2.1-0ubuntu2.11 nova-api-os-volume 3:25.2.1-0ubuntu2.11 nova-cells 3:25.2.1-0ubuntu2.11 nova-common 3:25.2.1-0ubuntu2.11 nova-compute 3:25.2.1-0ubuntu2.11 nova-compute-ironic 3:25.2.1-0ubuntu2.11 nova-compute-kvm 3:25.2.1-0ubuntu2.11 nova-compute-libvirt 3:25.2.1-0ubuntu2.11 nova-compute-lxc 3:25.2.1-0ubuntu2.11 nova-compute-qemu 3:25.2.1-0ubuntu2.11 nova-compute-vmware 3:25.2.1-0ubuntu2.11 nova-compute-xen 3:25.2.1-0ubuntu2.11 nova-conductor 3:25.2.1-0ubuntu2.11 nova-doc 3:25.2.1-0ubuntu2.11 nova-novncproxy 3:25.2.1-0ubuntu2.11 nova-scheduler 3:25.2.1-0ubuntu2.11 nova-serialproxy 3:25.2.1-0ubuntu2.11 nova-spiceproxy 3:25.2.1-0ubuntu2.11 nova-volume 3:25.2.1-0ubuntu2.11 python3-nova 3:25.2.1-0ubuntu2.11 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8434-1 CVE-2026-46448 Package Information: https://launchpad.net/ubuntu/+source/nova/3:33.0.0-0ubuntu3.1 https://launchpad.net/ubuntu/+source/nova/3:32.0.0-0ubuntu1.3 https://launchpad.net/ubuntu/+source/nova/3:29.2.0-0ubuntu1.7 https://launchpad.net/ubuntu/+source/nova/3:25.2.1-0ubuntu2.11
signature.asc
Description: OpenPGP digital signature
