Vishvananda

**Name of the Vulnerable Software and Affected Versions** OpenStack Compute (Nova) versions before 2013.1.3 OpenStack Compute (Nova) Havana versions before havana-3 **Description** The issue does not properly handle network source security group policy updates, allowing remote authenticated users to cause a denial of service via a large number of server-creation operations. This triggers a large number of update requests, consuming nova-network resources. **Recommendations** For OpenStack Compute (Nova) versions before 2013.1.3, update to version 2013.1.3 or later to resolve the issue. For OpenStack Compute (Nova) Havana versions before havana-3, update to havana-3 or later to resolve the issue.