CVE-2013-7130

Priority
Medium
Description
The i_create_images_and_backing (aka create_images_and_backing) method in
libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse,
when using KVM live block migration, does not properly create all expected
files, which allows attackers to obtain snapshot root disk contents of
other users via ephemeral storage.
References
Bugs
Notes
mdeslaur> OSSA 2014-003
jdstrand> saucy needs no change rebuild for saucy-security
jdstrand> Folsom and Essex are affected, but need further backporting
Assigned-to
jdstrand
Package
Source: nova (LP Ubuntu Debian)
Upstream:released (2013.2.2)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (2012.1.3+stable-20130423-e52e6912-0ubuntu1.4)
Ubuntu 13.10 (Saucy Salamander):released (1:2013.2.3-0ubuntu1.2)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (1:2014.1~b3-0ubuntu2)
Ubuntu 14.10 (Utopic Unicorn):not-affected (1:2014.1~b3-0ubuntu2)
Patches:
Upstream:https://review.openstack.org/#/c/68658/ (master)
Upstream:https://review.openstack.org/#/c/68659 (havana)
Upstream:https://review.openstack.org/#/c/68660/
Upstream:https://git.openstack.org/cgit/openstack/nova/commit/?id=b0d36683fe064b32cbef013e1c0c46bd018ab9a1 (master)
Upstream:https://git.openstack.org/cgit/openstack/nova/commit/?id=cbeb5e51886b0296349fc476305bfe3d63c627c3 (grizzly)
Upstream:https://git.openstack.org/cgit/openstack/nova/commit/?id=15ee7e17f63f5583307a546ecf28952c364c88f9 (havana)
More Information

Valid XHTML 1.0 Strict

Updated: 2014-06-17 23:14:34 UTC (commit 8156)