I'm going to mark the nova part of this as incomplete since no one has said they know how to demonstrate a vulnerability in nova for this. The CVE for nova is marked as reserved:
Furthermore, distros like Red Hat have already been posting that this is something to be aware of but does not have a fix and is considered low severity:
I'm going to mark the nova part of this as incomplete since no one has said they know how to demonstrate a vulnerability in nova for this. The CVE for nova is marked as reserved:
https:/ /bugs.launchpad .net/bugs/ cve/2015- 1850
And the OSSA was released for the cinder CVE:
https:/ /security. openstack. org/ossa/ OSSA-2015- 011.html
Furthermore, distros like Red Hat have already been posting that this is something to be aware of but does not have a fix and is considered low severity:
https:/ /access. redhat. com/security/ cve/CVE- 2015-1850
Same with Canonical:
http:// people. canonical. com/~ubuntu- security/ cve/2015/ CVE-2015- 1850.html