Could this behavior be controlled by a would-be attacker, or is it only
up to random chance? If the former then like bug 1058077/bug 1125378 the
VMT would likely deem it a security vulnerability. If the latter like
bug 1255609 we would most probably not.
** Also affects: ossa
Importance: Undecided
Status: New
** Changed in: ossa
Status: New => Incomplete
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1357372
Title:
Race condition in VNC port allocation when spawning a instance on
VMware
Status in OpenStack Compute (Nova):
In Progress
Status in OpenStack Security Advisories:
Incomplete
Bug description:
When spawning some instances, nova VMware driver could have a race
condition in VNC port allocation. Although the get_vnc_port function
has a lock it not guarantee that the whole vnc port allocation process
is locked, so another instance could receive the same port if it
requests the VNC port before nova has finished the vnc port allocation
to another VM.
If the instances with the same VNC port are allocated in same host it
could lead to a improper access to the instance console.
Reproduce the problem: Launch two or more instances at same time. In
some cases one instance could execute the get_vnc_port and pick a port
but before this instance has finished the _set_vnc_config another
instance could execute get_vnc_port and pick the same port.
How often this occurs: unpredictable.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1357372/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
