PublicDateAtUSN: 2012-12-11 15:00:00 UTC
Candidate: CVE-2012-5625
CRD: 2012-12-11 15:00:00 UTC
PublicDate: 2012-12-26 22:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5625
 https://ubuntu.com/security/notices/USN-1663-1
Description:
 OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using
 libvirt and LVM backed instances, does not properly clear physical volume
 (PV) content when reallocating for instances, which allows attackers to
 obtain sensitive information by reading the memory of the previous logical
 volume (LV).
Ubuntu-Description:
Notes:
 jdstrand> only affects Folsom and higher per upstream
Bugs:
 https://launchpad.net/bugs/1070539
Priority: medium
Discovered-by: Eric Windisch
Assigned-to: jdstrand
CVSS: 

Patches_nova:
 upstream: http://github.com/openstack/nova/commit/a99a802e008eed18e39fc1d98170edc495cbd354
upstream_nova: released (2013.1~g2)
hardy_nova: DNE
lucid_nova: DNE
oneiric_nova: not-affected
precise_nova: not-affected
quantal_nova: released (2012.2-0ubuntu5.2)
devel_nova: not-affected (2013.1~g2-0ubuntu3)