Comment 63 for bug 2004555
Revision history for this message
| Nick Tait (nickthetait) wrote Re: [ussuri] Wrong volume attachment - volumes overlapping when connected through iscsi on host | #63 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Thanks Gorka and Melanie for your development & testing efforts!
Quick quesion: Would it be possible for an administrator to disable deletion via cinder? this might serve as a mitigation
I took a crack at further condensing the vuln details below.
Impact: An openstack user could gain control of volumes from other users/projects. However, the scope of exposed images is limited to the compute host where the instance is running. Only SCSI based transport protocols are believed to be affected, but not all storage types have been tested.
Affected storage types: iSCSI and FCP
Unaffected storage types: NVMe-oF and RBD
Preconditions:
- For iSCSI the Cinder driver needs to be using "shared targets" where the same iSCSI target and portal tuple is used to present multiple volumes on a compute host.
- For FCP it depends on the storage array:
- Pure: Affected.
- 3PAR: Unaffected.
Attack scenario:
Use cinder to delete an attachment record from a volume which has already been attached to a VM