Bug 1546937 (CVE-2017-18191)

Summary: CVE-2017-18191 openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host
Product: [Other] Security Response Reporter: Sam Fowler <sfowler>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: apevec, berrange, chrisw, dasmith, eglynn, jhakimra, jjoyce, jpadman, jschluet, kbasil, kchamart, lhh, lpeer, lyarwood, markmc, mburns, nova-maint, rbryant, sbauza, sclewis, sgordon, slinaber, srevivo, tdecacqu, vromanso
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
OpenStack Nova has a vulnerability in the handling of encrypted volumes. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. All Nova installations supporting encrypted volumes are affected.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-08 03:40:26 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1547019, 1547020, 1547021, 1547022, 1547023, 1547024, 1547025    
Bug Blocks: 1546939    

Description Sam Fowler 2018-02-20 05:50:41 UTC 
OpenStack Nova 15.x through 15.1.0 and 16.x through 16.0.4 has a vulnerability in the handling of encrypted volumes. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. 

All Nova setups supporting encrypted volumes are affected.


Upstream Bug:

https://bugs.launchpad.net/nova/+bug/1739593


Upstream Commit:

https://review.openstack.org/#/c/539893/
Comment 8 errata-xmlrpc 2018-08-20 12:55:27 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 12.0 (Pike)

Via RHSA-2018:2332 https://access.redhat.com/errata/RHSA-2018:2332
Comment 9 errata-xmlrpc 2018-09-17 16:50:50 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 10.0 (Newton)

Via RHSA-2018:2714 https://access.redhat.com/errata/RHSA-2018:2714
Comment 10 errata-xmlrpc 2018-10-02 18:52:18 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 9.0 (Mitaka)

Via RHSA-2018:2855 https://access.redhat.com/errata/RHSA-2018:2855