|
oss-sec
mailing list archives
[OSSA 2016-007] Nova host data leak through resize/migration (CVE-2016-2140)
From: Tristan Cacqueray <tdecacqu () redhat com>
Date: Tue, 8 Mar 2016 20:16:39 +0000
===========================================================
OSSA-2016-007: Nova host data leak through resize/migration
===========================================================
:Date: March 08, 2016
:CVE: CVE-2016-2140
Affects
~~~~~~~
- Nova: <=2015.1.3, >=12.0.0 <=12.0.2
Description
~~~~~~~~~~~
Matthew Booth from Red Hat reported a vulnerability in Nova instance
resize/migration. By overwriting an ephemeral or root disk with a
malicious image before requesting a resize, an authenticated user may
be able to read arbitrary files from the compute host. Only setups
using libvirt driver with raw storage and setting "use_cow_images =
False" (not default) are affected.
Patches
~~~~~~~
- https://review.openstack.org/289960 (Kilo)
- https://review.openstack.org/289958 (Liberty)
- https://review.openstack.org/289957 (Mitaka)
Credits
~~~~~~~
- Matthew Booth from Red Hat (CVE-2016-2140)
References
~~~~~~~~~~
- https://bugs.launchpad.net/bugs/1548450
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2140
Notes
~~~~~
- This fix will be included in future 2015.1.3 (kilo) and 12.0.3
(liberty) releases.
--
Tristan Cacqueray
OpenStack Vulnerability Management Team
Attachment:
signature.asc
Description: OpenPGP digital signature
 By Date 
By Thread
Current thread:
- [OSSA 2016-007] Nova host data leak through resize/migration (CVE-2016-2140) Tristan Cacqueray (Mar 08)
| 
