Bug 1184716 (CVE-2015-0237) - CVE-2015-0237 vdsm: Users attempting a live storage migration create snapshot without snapshot creation permissions
Summary: CVE-2015-0237 vdsm: Users attempting a live storage migration create snapshot...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2015-0237
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1188081 1188083
Blocks: 1184715 1189044
Reported: 2015-01-22 06:07 UTC by Wade Mealing
Modified: 2023-05-12 06:52 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2015-04-29 04:06:13 UTC
Embargoed:




Links
System: Red Hat Product Errata
ID: RHSA-2015:0888
Private: 0
Priority: normal
Status: SHIPPED_LIVE
Summary: Moderate: Red Hat Enterprise Virtualization Manager 3.5.1 update
Last Updated: 2015-04-28 22:40:04 UTC

Description Wade Mealing 2015-01-22 06:07:26 UTC
Red Hat Enterprise Virtualization has an explicit permission to allow or deny snapshot creation. This permission is evaded and unchecked during live storage migration of a VM between hosts.

Long chains of snapshots may cause a performance degradation to the VM. Effectively, a user who can live migrate a host could prevent the host from starting if migrated frequently.

Acknowledgements:

This issue was discovered by Red Hat Enterprise Virtualization Engineering.

Comment 1 Wade Mealing 2015-01-27 00:00:43 UTC
kseifired supplied: CVE-2015-0237

Comment 2 Allon Mureinik 2015-01-28 15:04:48 UTC
(In reply to Wade Mealing from comment #0)
> This permission is evaded and unchecked during live
> migration of a vm between hosts.
This doesn't happen in live migration of VMs, but in live STORAGE migration of a virtual disk between storage domains.

Comment 7 Kurt Seifried 2015-03-17 05:55:17 UTC
Statement:

This issue affects the versions of ovirt-engine-backend as shipped with Red Hat Enterprise Virtualization 3. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Comment 13 errata-xmlrpc 2015-04-28 18:44:43 UTC
This issue has been addressed in the following products:

  RHEV Manager version 3.5

Via RHSA-2015:0888 https://rhn.redhat.com/errata/RHSA-2015-0888.html

