—
PYSEC-2014-111
상세
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
참고
- http://osvdb.org/102416 [WEB]
- https://review.openstack.org/#/c/68658/ [FIX]
- http://www.securityfocus.com/bid/65106 [WEB]
- http://www.openwall.com/lists/oss-security/2014/01/23/5 [WEB]
- https://review.openstack.org/#/c/68659/ [WEB]
- http://secunia.com/advisories/56450 [ADVISORY]
- https://bugs.launchpad.net/nova/+bug/1251590 [WEB]
- https://review.openstack.org/#/c/68660/ [FIX]
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html [WEB]
- http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html [WEB]
- http://rhn.redhat.com/errata/RHSA-2014-0231.html [ADVISORY]
- http://www.ubuntu.com/usn/USN-2247-1 [ADVISORY]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90652 [WEB]