OpenStack Nova 15.x through 15.1.0 and 16.x through 16.0.4 has a vulnerability in the handling of encrypted volumes. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. All Nova setups supporting encrypted volumes are affected.

Upstream Bug: https://bugs.launchpad.net/nova/+bug/1739593
Upstream Commit: https://review.openstack.org/#/c/539893/

This issue has been addressed in the following products:
Red Hat OpenStack Platform 12.0 (Pike)
Via RHSA-2018:2332 https://access.redhat.com/errata/RHSA-2018:2332

This issue has been addressed in the following products:
Red Hat OpenStack Platform 10.0 (Newton)
Via RHSA-2018:2714 https://access.redhat.com/errata/RHSA-2018:2714

This issue has been addressed in the following products:
Red Hat OpenStack Platform 9.0 (Mitaka)
Via RHSA-2018:2855 https://access.redhat.com/errata/RHSA-2018:2855