Comment 10 for bug 1357372
Revision history for this message
| Jeremy Stanley (fungi) wrote Re: Race condition in VNC port allocation when spawning a instance on VMware | #10 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Unless there are other objections, I'll request a CVE with the following impact description:
-----
Title: Nova VMware driver may connect VNC to another tenant's console
Reporter: Marcio Roberto Starke
Products: Nova
Versions: up to 2014.1.3
Description:
Marcio Roberto Starke reported a vulnerability in the Nova VMware driver. A race condition in its VNC port allocation may cause it to connect the wrong console if instances are created concurrently. By repeatedly spawning new instances, an authenticated user may be able to gain unauthorized console access to instances belonging to other tenants. Only Nova setups using the VMware driver and the VNC proxy service are affected.