CVE-2013-7048

Priority
Description
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier
uses world-writable and world-readable permissions for the temporary
directory used to store live snapshots, which allows local users to read
and modify live snapshots.
Notes
 mdeslaur> OSSA 2014-001
 jdstrand> affected code introduced in grizzly (Ubuntu 13.04)
 jdstrand> requires shell access on the compute node
More Information

Updated: 2018-10-31 21:14:31 UTC (commit cfa7cf69d76449ccff972ac22f40976a08d908c2)