SecurityHome.eu [USN-8434-1] Nova vulnerability

Home / mailings PDF

[USN-8434-1] Nova vulnerability
Posted on 17 June 2026
Ubuntu Security
==========================================================================Ubuntu Security Notice USN-8434-1
June 16, 2026

nova vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Nova could be made to bypass resource accounting.

Software Description:
- nova: OpenStack Compute cloud infrastructure

Details:

It was discovered that Nova did not strip internal _nova-prefixed
scheduler hints supplied by users on instance creation. An attacker could
possibly use this issue to bypass Placement resource claims and
scheduling constraint enforcement.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
nova-ajax-console-proxy 3:33.0.0-0ubuntu3.1
nova-api 3:33.0.0-0ubuntu3.1
nova-api-metadata 3:33.0.0-0ubuntu3.1
nova-api-os-compute 3:33.0.0-0ubuntu3.1
nova-api-os-volume 3:33.0.0-0ubuntu3.1
nova-cells 3:33.0.0-0ubuntu3.1
nova-common 3:33.0.0-0ubuntu3.1
nova-compute 3:33.0.0-0ubuntu3.1
nova-compute-ironic 3:33.0.0-0ubuntu3.1
nova-compute-kvm 3:33.0.0-0ubuntu3.1
nova-compute-libvirt 3:33.0.0-0ubuntu3.1
nova-compute-lxc 3:33.0.0-0ubuntu3.1
nova-compute-qemu 3:33.0.0-0ubuntu3.1
nova-compute-vmware 3:33.0.0-0ubuntu3.1
nova-compute-xen 3:33.0.0-0ubuntu3.1
nova-conductor 3:33.0.0-0ubuntu3.1
nova-doc 3:33.0.0-0ubuntu3.1
nova-novncproxy 3:33.0.0-0ubuntu3.1
nova-scheduler 3:33.0.0-0ubuntu3.1
nova-serialproxy 3:33.0.0-0ubuntu3.1
nova-spiceproxy 3:33.0.0-0ubuntu3.1
nova-volume 3:33.0.0-0ubuntu3.1
python3-nova 3:33.0.0-0ubuntu3.1

Ubuntu 25.10
nova-ajax-console-proxy 3:32.0.0-0ubuntu1.3
nova-api 3:32.0.0-0ubuntu1.3
nova-api-metadata 3:32.0.0-0ubuntu1.3
nova-api-os-compute 3:32.0.0-0ubuntu1.3
nova-api-os-volume 3:32.0.0-0ubuntu1.3
nova-cells 3:32.0.0-0ubuntu1.3
nova-common 3:32.0.0-0ubuntu1.3
nova-compute 3:32.0.0-0ubuntu1.3
nova-compute-ironic 3:32.0.0-0ubuntu1.3
nova-compute-kvm 3:32.0.0-0ubuntu1.3
nova-compute-libvirt 3:32.0.0-0ubuntu1.3
nova-compute-lxc 3:32.0.0-0ubuntu1.3
nova-compute-qemu 3:32.0.0-0ubuntu1.3
nova-compute-vmware 3:32.0.0-0ubuntu1.3
nova-compute-xen 3:32.0.0-0ubuntu1.3
nova-conductor 3:32.0.0-0ubuntu1.3
nova-doc 3:32.0.0-0ubuntu1.3
nova-novncproxy 3:32.0.0-0ubuntu1.3
nova-scheduler 3:32.0.0-0ubuntu1.3
nova-serialproxy 3:32.0.0-0ubuntu1.3
nova-spiceproxy 3:32.0.0-0ubuntu1.3
nova-volume 3:32.0.0-0ubuntu1.3
python3-nova 3:32.0.0-0ubuntu1.3

Ubuntu 24.04 LTS
nova-ajax-console-proxy 3:29.2.0-0ubuntu1.7
nova-api 3:29.2.0-0ubuntu1.7
nova-api-metadata 3:29.2.0-0ubuntu1.7
nova-api-os-compute 3:29.2.0-0ubuntu1.7
nova-api-os-volume 3:29.2.0-0ubuntu1.7
nova-cells 3:29.2.0-0ubuntu1.7
nova-common 3:29.2.0-0ubuntu1.7
nova-compute 3:29.2.0-0ubuntu1.7
nova-compute-ironic 3:29.2.0-0ubuntu1.7
nova-compute-kvm 3:29.2.0-0ubuntu1.7
nova-compute-libvirt 3:29.2.0-0ubuntu1.7
nova-compute-lxc 3:29.2.0-0ubuntu1.7
nova-compute-qemu 3:29.2.0-0ubuntu1.7
nova-compute-vmware 3:29.2.0-0ubuntu1.7
nova-compute-xen 3:29.2.0-0ubuntu1.7
nova-conductor 3:29.2.0-0ubuntu1.7
nova-doc 3:29.2.0-0ubuntu1.7
nova-novncproxy 3:29.2.0-0ubuntu1.7
nova-scheduler 3:29.2.0-0ubuntu1.7
nova-serialproxy 3:29.2.0-0ubuntu1.7
nova-spiceproxy 3:29.2.0-0ubuntu1.7
nova-volume 3:29.2.0-0ubuntu1.7
python3-nova 3:29.2.0-0ubuntu1.7

Ubuntu 22.04 LTS
nova-ajax-console-proxy 3:25.2.1-0ubuntu2.11
nova-api 3:25.2.1-0ubuntu2.11
nova-api-metadata 3:25.2.1-0ubuntu2.11
nova-api-os-compute 3:25.2.1-0ubuntu2.11
nova-api-os-volume 3:25.2.1-0ubuntu2.11
nova-cells 3:25.2.1-0ubuntu2.11
nova-common 3:25.2.1-0ubuntu2.11
nova-compute 3:25.2.1-0ubuntu2.11
nova-compute-ironic 3:25.2.1-0ubuntu2.11
nova-compute-kvm 3:25.2.1-0ubuntu2.11
nova-compute-libvirt 3:25.2.1-0ubuntu2.11
nova-compute-lxc 3:25.2.1-0ubuntu2.11
nova-compute-qemu 3:25.2.1-0ubuntu2.11
nova-compute-vmware 3:25.2.1-0ubuntu2.11
nova-compute-xen 3:25.2.1-0ubuntu2.11
nova-conductor 3:25.2.1-0ubuntu2.11
nova-doc 3:25.2.1-0ubuntu2.11
nova-novncproxy 3:25.2.1-0ubuntu2.11
nova-scheduler 3:25.2.1-0ubuntu2.11
nova-serialproxy 3:25.2.1-0ubuntu2.11
nova-spiceproxy 3:25.2.1-0ubuntu2.11
nova-volume 3:25.2.1-0ubuntu2.11
python3-nova 3:25.2.1-0ubuntu2.11

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8434-1
CVE-2026-46448

Package Information:
https://launchpad.net/ubuntu/+source/nova/3:33.0.0-0ubuntu3.1
https://launchpad.net/ubuntu/+source/nova/3:32.0.0-0ubuntu1.3
https://launchpad.net/ubuntu/+source/nova/3:29.2.0-0ubuntu1.7
https://launchpad.net/ubuntu/+source/nova/3:25.2.1-0ubuntu2.11

--===============4373382680575551351==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature

TOP

Mailings :

Last 20

Exploits :

Last 20