OpenStack Compute (nova)

Overview
Code
Bugs
Blueprints
Translations
Answers

Bug #2004555
Comment #145

Comment 145 for bug 2004555

Revision history for this message

Alan Bishop (alan-bishop) wrote on 2023-05-04: Re: Unauthorized volume access through deleted volume attachments (CVE-2023-2088)

#145

I wish I could offer more details and a definitive answer, but Gorka is on holiday this week and so I have to take a stab at answering this one. I believe the osbrick-fc-2004555-master_to_zed.patch patch from comment #130 may not supersede the osbrick-leak-2004555-master.patch attachment in comment #123. I think the former (the -fc patch) is an additional patch that adds "force detach" to FC connections. That is, it only applies to FC connections. The osbrick-leak-2004555-master.patch is also part of the solution, and is distinct from the FC-only patch. Hopefully Brian and/or Rajat can confirm or deny my response.