settingsLogin | Registersettings

[openstack-announce] [OSSA 2016-007] Nova host data leak through resize/migration (CVE-2016-2140)

0 votes

===========================================================
OSSA-2016-007: Nova host data leak through resize/migration
===========================================================

:Date: March 08, 2016
:CVE: CVE-2016-2140

Affects
~~~~~~~
- Nova: <=2015.1.3, >=12.0.0 <=12.0.2

Description
~~~~~~~~~~~
Matthew Booth from Red Hat reported a vulnerability in Nova instance
resize/migration. By overwriting an ephemeral or root disk with a
malicious image before requesting a resize, an authenticated user may
be able to read arbitrary files from the compute host. Only setups
using libvirt driver with raw storage and setting "usecowimages =
False" (not default) are affected.

Patches
~~~~~~~
- https://review.openstack.org/289960 (Kilo)
- https://review.openstack.org/289958 (Liberty)
- https://review.openstack.org/289957 (Mitaka)

Credits
~~~~~~~
- Matthew Booth from Red Hat (CVE-2016-2140)

References
~~~~~~~~~~
- https://bugs.launchpad.net/bugs/1548450
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2140

Notes
~~~~~
- This fix will be included in future 2015.1.3 (kilo) and 12.0.3
(liberty) releases.

--
Tristan Cacqueray
OpenStack Vulnerability Management Team


OpenStack-announce mailing list
OpenStack-announce@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-announce

asked Mar 8, 2016 in openstack-announce by tdecacqu_at_redhat.c (2,120 points)   1 1 2

1 Response

0 votes

On 03/08/2016 08:16 PM, Tristan Cacqueray wrote:

OSSA-2016-007: Nova host data leak through resize/migration

:Date: March 08, 2016
:CVE: CVE-2016-2140

Affects
~~~~~~~
- Nova: <=2015.1.3, >=12.0.0 <=12.0.2

Description
~~~~~~~~~~~
Matthew Booth from Red Hat reported a vulnerability in Nova instance
resize/migration. By overwriting an ephemeral or root disk with a
malicious image before requesting a resize, an authenticated user may
be able to read arbitrary files from the compute host. Only setups
using libvirt driver with raw storage and setting "usecowimages =
False" (not default) are affected.

Patches
~~~~~~~
- https://review.openstack.org/289960 (Kilo)
- https://review.openstack.org/289958 (Liberty)
- https://review.openstack.org/289957 (Mitaka)

Credits
~~~~~~~
- Matthew Booth from Red Hat (CVE-2016-2140)

References
~~~~~~~~~~
- https://bugs.launchpad.net/bugs/1548450
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2140

Notes
~~~~~
- This fix will be included in future 2015.1.3 (kilo) and 12.0.3
(liberty) releases.

There is a typo in the note, this fix will be included in future
2015.1.4 (kilo). Further advisories will drop that note entirely, use
http://releases.openstack.org/ to check stable version number including
the fix.

--
Tristan Cacqueray
OpenStack Vulnerability Management Team


OpenStack-announce mailing list
OpenStack-announce@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-announce

responded Mar 8, 2016 by tdecacqu_at_redhat.c (2,120 points)   1 1 2
...