Canonical Fixes Nova Exploits in Ubuntu 13.04

A couple of other distribution have been affected by this problem

By on October 24th, 2013 13:42 GMT

Canonical published details about multiple Nova vulnerabilities in its Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems.

According to the company, Nova could have been made to crash, had it received specially crafted network requests.

For example, it has been discovered that Nova inefficiently handled network security group updates, when Nova was configured to use nova-network. An authenticated attacker could have exploited this problem to cause a denial of service.

For a more detailed description of the security problems, you can see Canonical's security notification.

The security flaws can be fixed if you upgrade your system(s) to the latest python-nova package specific to each distribution. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. You don't need to restart your system.

Comments