Bug 902629 (CVE-2013-0208) - CVE-2013-0208 openstack-nova: Boot from volume allows access to random volumes
Summary: CVE-2013-0208 openstack-nova: Boot from volume allows access to random volumes
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2013-0208
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=important,public=20130129,repo...
Depends On: 903034 903035
Blocks: 902643
TreeView+ depends on / blocked
 
Reported: 2013-01-22 06:17 UTC by Kurt Seifried
Modified: 2019-06-08 19:23 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-04-23 12:54:59 UTC


Attachments (Terms of Use)
essex-CVE-2013-0208-1069904.patch (2.14 KB, patch)
2013-01-22 06:51 UTC, Kurt Seifried
no flags Details | Diff
folsom-CVE-2013-0208-1069904.patch (3.08 KB, patch)
2013-01-22 06:52 UTC, Kurt Seifried
no flags Details | Diff
essex-CVE-2013-0208-1069904-v2.patch (2.57 KB, patch)
2013-01-25 05:10 UTC, Kurt Seifried
no flags Details | Diff
folsom-CVE-2013-0208-1069904-v2.patch (3.95 KB, patch)
2013-01-25 05:11 UTC, Kurt Seifried
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2013:0208 normal SHIPPED_LIVE Important: openstack-nova security and bug fix update 2013-01-31 02:04:52 UTC

Description Kurt Seifried 2013-01-22 06:17:22 UTC
Russel Bryant rbryant@redhat.com reports on behalf of the OpenStack Project:

Title: Boot from volume allows access to random volumes
Reporter: Phil Day (HP)
Products: Nova
Affects: Essex, Folsom

Description:
Phil Day from HP reported a vulnerability in volume attachment in
nova-volume, affecting the boot-from-volume feature. By passing a
specific volume ID, an authenticated user may be able to boot from a
volume he doesn't own, potentially resulting in full access to that
3rd-party volume contents. Folsom setups making use of Cinder are not
affected.

Proposed patches:
See attached patches for the Folsom and Essex series. Unless a flaw is
discovered in them, these proposed patches will be merged to Nova
stable/folsom and stable/essex branches on the public disclosure date.

Comment 1 Kurt Seifried 2013-01-22 06:51:55 UTC
Created attachment 684893 [details]
essex-CVE-2013-0208-1069904.patch

Comment 2 Kurt Seifried 2013-01-22 06:52:45 UTC
Created attachment 684894 [details]
folsom-CVE-2013-0208-1069904.patch

Comment 7 Kurt Seifried 2013-01-25 05:10:59 UTC
Created attachment 687206 [details]
essex-CVE-2013-0208-1069904-v2.patch

Comment 8 Kurt Seifried 2013-01-25 05:11:16 UTC
Created attachment 687207 [details]
folsom-CVE-2013-0208-1069904-v2.patch

Comment 9 Kurt Seifried 2013-01-25 05:14:15 UTC
Updated patches have been released, the old ones are incorrect and should not be used, I have marked them as obsolete.

Comment 10 Murray McAllister 2013-01-29 04:54:24 UTC
Acknowledgements:

Red Hat would like to thank the OpenStack project for reporting this issue. Upstream acknowledges Phil Day as the original reporter.

Comment 11 Kurt Seifried 2013-01-29 18:22:53 UTC
This is now public: https://bugs.launchpad.net/nova/+bug/1069904

Comment 12 Pádraig Brady 2013-01-30 10:48:52 UTC
Are there Fedora tracking bugs for this
(Fedora 17 for essex, and Fedora 18/EPEL6 for Folsom)

Comment 13 errata-xmlrpc 2013-01-30 21:07:55 UTC
This issue has been addressed in following products:

  OpenStack Folsom for RHEL 6

Via RHSA-2013:0208 https://rhn.redhat.com/errata/RHSA-2013-0208.html


Note You need to log in before you can comment on or make changes to this bug.