Comment 49 for bug 1890501
Revision history for this message
| Nick Tait (nickthetait) wrote Re: Soft reboot after live-migration reverts instance to original source domain XML (CVE-2020-17376) | #49 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
67d34a1
(Get the code!)
What is the absolute worst case here? With the stars aligned an attacker could get access to:
A) Some files from another guest VM
B) An entire storage volume of another guest VM
C) Storage of all other guest VMs in the deployment
D) Something else?
With a bit better understanding of a the above question we can improve the title for this CVE by more clearly indicating the security risk... Right now my only guess is the pretty vague "Live migrations potentially allow information disclosure"
One element I want to highlight is a mitigation: Deployments which allow regular users to conduct live migrations (default is only Admins) might consider disabling this feature until patches can be deployed. (Then one sentence explaining where this setting can be checked).