Back to bug 1869426
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Nick Tait | 2020-08-17 23:41:14 UTC | CC | security-response-team | |
| Nick Tait | 2020-08-17 23:47:09 UTC | Depends On | 1862353 | |
| Nick Tait | 2020-08-20 19:49:50 UTC | Doc Text | An information disclosure flaw was found in the live migration feature of OpenStack Nova. A user may gain access to destination host devices which had the same path as those on the source host. An attacker could exploit this flaw by performing a soft reboot of an instance which has previously undergone live migration. The greatest impact is to the confidentiality of many possible device types, but those at special risk are block storage devices - potentially revealing data of other users. | |
| Nick Tait | 2020-08-20 19:53:32 UTC | Depends On | 1870822, 1870821, 1870819, 1870823, 1870820 | |
| RaTasha Tillery-Smith | 2020-08-21 12:34:42 UTC | Doc Text | An information disclosure flaw was found in the live migration feature of OpenStack Nova. A user may gain access to destination host devices which had the same path as those on the source host. An attacker could exploit this flaw by performing a soft reboot of an instance which has previously undergone live migration. The greatest impact is to the confidentiality of many possible device types, but those at special risk are block storage devices - potentially revealing data of other users. | An information disclosure flaw was found in the live migration feature of OpenStack Nova. A user may gain access to destination host devices with the same path as those on the source host. This flaw allows an attacker to perform a soft reboot of an instance that has previously undergone live migration. The greatest impact of this vulnerability is to the confidentiality of many possible device types, but those at special risk are block storage devices, potentially revealing data of other users. |
| Nick Tait | 2020-08-21 15:35:35 UTC | CC | lyarwood | |
| Nick Tait | 2020-08-21 21:15:40 UTC | Comment | 0 | updated |
| Nick Tait | 2020-08-25 14:36:59 UTC | Fixed In Version | openstack-nova 20.3.1, openstack-nova 20.1.2, openstack-nova 19.3.1 | |
| Nick Tait | 2020-08-25 15:10:58 UTC | Group | security, qe_staff | |
| CC | nova-maint | |||
| Deadline | 2020-08-25 | |||
| Summary | EMBARGOED CVE-2020-17376 openstack-nova: Soft reboot after live-migration reverts instance to original source domain XML | CVE-2020-17376 openstack-nova: Soft reboot after live-migration reverts instance to original source domain XML | ||
| Keigo Noha | 2020-08-26 01:10:01 UTC | CC | knoha | |
| Joshua Padman | 2020-08-27 01:38:48 UTC | Depends On | 1823988 | |
| Nick Tait | 2020-08-28 15:50:11 UTC | Fixed In Version | openstack-nova 20.3.1, openstack-nova 20.1.2, openstack-nova 19.3.1 | openstack-nova 20.3.1, openstack-nova 20.1.2, openstack-nova 19.3.1, openstack-nova 17.0.13, openstack-nova 14.1.0 |
| errata-xmlrpc | 2020-09-10 04:50:07 UTC | Link ID | Red Hat Product Errata RHSA-2020:3702 | |
| errata-xmlrpc | 2020-09-10 05:09:19 UTC | Link ID | Red Hat Product Errata RHSA-2020:3704 | |
| errata-xmlrpc | 2020-09-10 06:47:14 UTC | Link ID | Red Hat Product Errata RHSA-2020:3706 | |
| Product Security DevOps Team | 2020-09-10 07:17:44 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2020-09-10 07:17:44 UTC | |||
| errata-xmlrpc | 2020-09-10 07:29:06 UTC | Link ID | Red Hat Product Errata RHSA-2020:3708 | |
| errata-xmlrpc | 2020-09-10 08:10:12 UTC | Link ID | Red Hat Product Errata RHSA-2020:3711 | |
| Lee Yarwood | 2020-10-19 09:47:13 UTC | Depends On | 1889289 |
Back to bug 1869426