Candidate: CVE-2014-8750
PublicDate: 2014-10-15 14:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8750
 http://www.openwall.com/lists/oss-security/2014/10/14/9
Description:
 Race condition in the VMware driver in OpenStack Compute (Nova) before
 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to
 access unintended consoles by spawning an instance that triggers the same
 VNC port to be allocated to two different instances.
Ubuntu-Description:
Notes:
 mdeslaur> requires use with unsupported VMware ESX driver. This is not
  compiled in to libvirt in the Ubuntu archive, which makes this code path
  unavailable in Ubuntu
Bugs:
 https://launchpad.net/bugs/1357372
Priority: negligible
Discovered-by:
Assigned-to:
CVSS: 

Patches_nova:
upstream_nova: needs-triage
lucid_nova: DNE
precise_nova: ignored
trusty_nova: ignored
trusty/esm_nova: DNE (trusty was ignored)
utopic_nova: not-affected (1:2014.2-0ubuntu1)
devel_nova: not-affected (1:2014.2-0ubuntu1)