[PKG-Openstack-devel] Bug#742712: CVE-2014-0134: Nova host data leak to vm instance in rescue mode
Thomas Goirand
zigo at debian.org
Wed Mar 26 15:26:03 UTC 2014
Source: nova
Version: 2013.2.2-3
Severity: important
Title: Nova host data leak to vm instance in rescue mode.
Reporter: Stanislaw Pitucha (HP)
Products: Nova
Versions: 2013.2 versions up to 2013.2.2
Description:
Stanislaw Pitucha from Hewlett Packard reported a vulnerability in the
Nova instance rescue mode. By overwriting the disk inside an instance
with a malicious image and switching the instance to rescue mode, an
authenticated user would be able to leak an arbitrary file from the
compute host to the virtual instance. Note that the host file must be
readable by the libvirt/kvm context to be exposed. Only setups using
libvirt to spawn instance, and having "use_cow_images = False" in Nova
configuration are affected.
Proposed patch:
See attached patches. Unless a flaw is discovered in them, these patches
will be merged to stable/havana and master (Icehouse development branch)
on the public disclosure date.
CVE: CVE-2014-0134
Proposed public disclosure date/time:
2014-03-25 15:00 UTC
Please do not make the issue public (or release public patches) before
this coordinated embargo date.
More information about the Openstack-devel
mailing list