Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-5247

The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.

Related bugs and status

CVE-2015-5247 (Candidate) is related to these bugs:

Bug #1534262: Outdated (vulnerable) libvirt package in MOS 6.0

		In	Importance	Status
1534262	Outdated (vulnerable) libvirt package in MOS 6.0	Mirantis OpenStack	High	Fix Released
1534262	Outdated (vulnerable) libvirt package in MOS 6.0	Mirantis OpenStack 7.0.x	High	Fix Released
1534262	Outdated (vulnerable) libvirt package in MOS 6.0	Mirantis OpenStack 6.1.x	High	Fix Released
1534262	Outdated (vulnerable) libvirt package in MOS 6.0	Mirantis OpenStack 5.1.x	High	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.ubuntu.com/...
MISC: http://security.libvir...