Openstack Security Advisory: OSSA-2023-002: Arbitrary file access through custom VMDK flat descriptor
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Thales Elero Cervi |
Bug Description
Brief Description
-----------------
There is a new Openstack Security Advisory: https:/
It is not confirmed that Starlingx is impacted.
Severity
--------
Medium: Security Issue
Steps to Reproduce
------------------
N/A
Expected Behavior
------------------
N/A
Actual Behavior
----------------
N/A
Reproducibility
---------------
Reproducible
System Configuration
-------
N/A
Branch/Pull Time/Commit
-------
stx main branch
Last Pass
---------
N/A
Timestamp/Logs
--------------
N/A
Test Activity
-------------
Security vulnerabilities review
Workaround
----------
None
Changed in starlingx: | |
importance: | Undecided → Medium |
Assigning to Thales for review by the stx-openstack team