Thierry Carrez <thierry> reports:

Pádraig Brady (Red Hat)
Products: Nova
Affects: All versions

Upon further inspection of the code, Pádraig Brady from Red Hat found an additional vulnerability. By crafting a malicious image and requesting an instance based on it, a remote authenticated user may corrupt arbitrary files on the host filesystem, potentially resulting in a denial of service. This affects all setups.
This is public now (www.openwall.com/lists/oss-security/2012/07/03/2); filing trackers.
References:
https://bugs.launchpad.net/nova/+bug/1015531
http://www.openwall.com/lists/oss-security/2012/07/03/2

Fixes:
Folsom: https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7
Essex: https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9
Diablo: see patch at https://review.openstack.org/9268
Created openstack-nova tracking bugs for this issue.
Affects: fedora-all [bug 844038]

Created openstack-nova tracking bugs for this issue.
Affects: epel-6 [bug 844039]