Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1313454 - (CVE-2016-2140) CVE-2016-2140 openstack-nova: Host data leak through resize/migration
CVE-2016-2140 openstack-nova: Host data leak through resize/migration
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
impact=important,public=20160308,repo...
: Security
Depends On: 1312924 1313655 1313656 1313657 1313658 1315890 1315891
Blocks: 1313456
  Show dependency treegraph
 
Reported: 2016-03-01 10:55 EST by Adam Mariš
Modified: 2018-09-24 00:03 EDT (History)
36 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
An information-exposure flaw was found in the OpenStack Compute (nova) resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content on the specified device would be leaked to the user. Only setups using libvirt with raw storage and "use_cow_images = False" were affected.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-04-13 02:29:40 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:0363 normal SHIPPED_LIVE Important: openstack-nova security update 2016-03-14 10:33:40 EDT
Red Hat Product Errata RHSA-2016:0364 normal SHIPPED_LIVE Important: openstack-nova security update 2016-03-14 10:33:29 EDT
Red Hat Product Errata RHSA-2016:0365 normal SHIPPED_LIVE Important: openstack-nova security update 2016-03-14 10:33:19 EDT
Red Hat Product Errata RHSA-2016:0366 normal SHIPPED_LIVE Important: openstack-nova security update 2016-03-14 10:33:10 EDT

  None (edit)
Description Adam Mariš 2016-03-01 10:55:56 EST 
It was reported that by overwriting an ephemeral or root disk with a malicious image before requesting a resize, an authenticated user may be able to read arbitrary files from the compute host. Only setups using libvirt driver with raw storage and setting "use_cow_images = False" (not default) are affected.

Affected versions: <=2015.1.2, >=12.0.0 <=12.0.2
Comment 1 Adam Mariš 2016-03-01 10:56:09 EST 
Acknowledgments:

Name: Matthew Booth (Red Hat)
Comment 3 Adam Mariš 2016-03-03 04:13 EST 
Created attachment 1132693 [details]
Master/mitaka patch
Comment 4 Adam Mariš 2016-03-03 04:13 EST 
Created attachment 1132694 [details]
Stable/kilo patch
Comment 5 Adam Mariš 2016-03-03 04:14 EST 
Created attachment 1132695 [details]
Stable/liberty patch
Comment 10 Adam Mariš 2016-03-08 10:36:25 EST 
Upstream patches:

https://review.openstack.org/289957 (mitaka)
https://review.openstack.org/289958 (liberty)
https://review.openstack.org/289960 (kilo)
Comment 12 Garth Mollett 2016-03-08 16:52:54 EST 
Created openstack-nova tracking bugs for this issue:

Affects: fedora-all [bug 1315891]
Comment 13 errata-xmlrpc 2016-03-08 17:56:38 EST 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6

Via RHSA-2016:0366 https://rhn.redhat.com/errata/RHSA-2016-0366.html
Comment 14 errata-xmlrpc 2016-03-08 17:57:05 EST 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7

Via RHSA-2016:0365 https://rhn.redhat.com/errata/RHSA-2016-0365.html
Comment 15 errata-xmlrpc 2016-03-08 17:57:32 EST 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7

Via RHSA-2016:0364 https://rhn.redhat.com/errata/RHSA-2016-0364.html
Comment 16 errata-xmlrpc 2016-03-08 17:58:00 EST 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7

Via RHSA-2016:0363 https://rhn.redhat.com/errata/RHSA-2016-0363.html
Comment 19 Andrej Nemec 2016-03-09 03:53:01 EST 
External references:

http://seclists.org/oss-sec/2016/q1/563
Comment 21 Andrej Nemec 2016-03-10 05:25:38 EST 
(In reply to Andrej Nemec from comment #19)
> External references:
> 
> http://seclists.org/oss-sec/2016/q1/563

There is an errata released, which concerns these patches.

http://seclists.org/oss-sec/2016/q1/579
Comment 22 Garth Mollett 2016-03-14 18:57:56 EDT 
(In reply to Andrej Nemec from comment #21)
> (In reply to Andrej Nemec from comment #19)
> > External references:
> > 
> > http://seclists.org/oss-sec/2016/q1/563
> 
> There is an errata released, which concerns these patches.
> 
> http://seclists.org/oss-sec/2016/q1/579

Updated builds correcting this issue have been added to errata.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.