|
|
Log in / Subscribe / Register

openstack-nova: unintended file access

Package(s):openstack-nova CVE #(s):CVE-2014-0134
Created:May 30, 2014 Updated:June 4, 2014
Description:

From the Red Hat advisory:

It was found that overwriting the disk inside of an instance with a malicious image, and then switching the instance to rescue mode, could potentially allow an authenticated user to access arbitrary files on the compute host depending on the file permissions and SELinux constraints of those files. Only setups that used libvirt to spawn instances and which had the use of cow images disabled ("use_cow_images = False" in nova configuration) were affected.

Alerts:
Ubuntu USN-2247-1 nova 2014-06-17
Red Hat RHSA-2014:0578-01 openstack-nova 2014-05-29
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds