Bug 2161812 (CVE-2022-47951)
| Summary: | CVE-2022-47951 openstack: Arbitrary file access through custom VMDK flat descriptor | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Anten Skrabec <askrabec> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | ahanwate, athomas, cinder-bugs, cyril, dasmith, eglynn, jhakimra, jjoyce, kchamart, lhh, mburns, mgarciac, msava, nova-maint, sbauza, security-response-team, sgordon, smooney, spower, vromanso |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Cinder 19.1.2, Cinder 20.0.2 Glance 23.0.1, Glance 24.1.1 Nova 24.1.2, Nova 25.0.2 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A flaw was found in OpenStack-nova, Openstack-glance, and Openstack-cinder. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-03-15 23:30:41 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2164302, 2164303, 2162747, 2162748, 2162749, 2162750, 2162751, 2162752, 2162753, 2162754, 2162755, 2164304, 2165703, 2165704, 2165705 | ||
| Bug Blocks: | 2160861 | ||
|
Description
Anten Skrabec
2023-01-18 00:20:04 UTC
Created openstack-cinder tracking bugs for this issue: Affects: openstack-rdo [bug 2164304] Created openstack-glance tracking bugs for this issue: Affects: openstack-rdo [bug 2164303] Created openstack-nova tracking bugs for this issue: Affects: openstack-rdo [bug 2164302] This issue has been addressed in the following products: Red Hat OpenStack Platform 17.0 Via RHSA-2023:1015 https://access.redhat.com/errata/RHSA-2023:1015 This issue has been addressed in the following products: Red Hat OpenStack Platform 17.0 Via RHSA-2023:1016 https://access.redhat.com/errata/RHSA-2023:1016 This issue has been addressed in the following products: Red Hat OpenStack Platform 17.0 Via RHSA-2023:1017 https://access.redhat.com/errata/RHSA-2023:1017 This issue has been addressed in the following products: Red Hat OpenStack Platform 13.0 - ELS Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7.6 EUS Red Hat OpenStack Platform 16.1 Red Hat OpenStack Platform 16.2 Via RHSA-2023:1278 https://access.redhat.com/errata/RHSA-2023:1278 This issue has been addressed in the following products: Red Hat OpenStack Platform 13.0 - ELS Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7.6 EUS Red Hat OpenStack Platform 16.1 Red Hat OpenStack Platform 16.2 Via RHSA-2023:1279 https://access.redhat.com/errata/RHSA-2023:1279 This issue has been addressed in the following products: Red Hat OpenStack Platform 13.0 - ELS Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7.6 EUS Red Hat OpenStack Platform 16.1 Red Hat OpenStack Platform 16.2 Via RHSA-2023:1280 https://access.redhat.com/errata/RHSA-2023:1280 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-47951 |