CVE 2016-2140
The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.
Related bugs and status
CVE-2016-2140 (Candidate) is related to these bugs:
Bug #1548450: [OSSA 2016-007] Host data leak during resize/migrate for raw-backed instances (CVE-2016-2140)
Bug | Summary | In | Importance | Status
---|---|---|---|---
1548450 | [OSSA 2016-007] Host data leak during resize/migrate for raw-backed instances (CVE-2016-2140) | OpenStack Compute (nova) | Critical | Fix Released
1548450 | [OSSA 2016-007] Host data leak during resize/migrate for raw-backed instances (CVE-2016-2140) | OpenStack Security Advisory | Critical | Fix Released
1548450 | [OSSA 2016-007] Host data leak during resize/migrate for raw-backed instances (CVE-2016-2140) | OpenStack Compute (nova) kilo | Critical | Fix Released
1548450 | [OSSA 2016-007] Host data leak during resize/migrate for raw-backed instances (CVE-2016-2140) | OpenStack Compute (nova) liberty | Critical | Fix Released
Bug #1552683: Vulnerability in Nova instance resize/migration
Bug | Summary | In | Importance | Status
---|---|---|---|---
1552683 | Vulnerability in Nova instance resize/migration | Mirantis OpenStack | High | Invalid
1552683 | Vulnerability in Nova instance resize/migration | Mirantis OpenStack 5.1.x | High | Fix Committed
1552683 | Vulnerability in Nova instance resize/migration | Mirantis OpenStack 9.x | High | Invalid
1552683 | Vulnerability in Nova instance resize/migration | Mirantis OpenStack 6.1.x | High | Fix Released
1552683 | Vulnerability in Nova instance resize/migration | Mirantis OpenStack 7.0.x | High | Fix Released
1552683 | Vulnerability in Nova instance resize/migration | Mirantis OpenStack 8.0.x | High | Invalid
1552683 | Vulnerability in Nova instance resize/migration | Mirantis OpenStack 6.0.x | High | Fix Committed
Bug #1558697: [kilo] libvirt block migrations fail due to disk_info being an encoded JSON string
Bug | Summary | In | Importance | Status
---|---|---|---|---
1558697 | [kilo] libvirt block migrations fail due to disk_info being an encoded JSON string | OpenStack Compute (nova) | Undecided | Invalid
1558697 | [kilo] libvirt block migrations fail due to disk_info being an encoded JSON string | OpenStack Compute (nova) kilo | High | Fix Released
1558697 | [kilo] libvirt block migrations fail due to disk_info being an encoded JSON string | OpenStack Security Advisory | Undecided | Fix Released
Bug #1572600: [OSSA 2016-007] Host data leak during resize/migrate for raw-backed instances (CVE-2016-2140)
Bug | Summary | In | Importance | Status
---|---|---|---|---
1572600 | [OSSA 2016-007] Host data leak during resize/migrate for raw-backed instances (CVE-2016-2140) | Mirantis OpenStack | Critical | Confirmed
See the CVE page on Mitre.org for more details.