CVE-2013-7130 Information

Feb 14, 2021 cve

Description

The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly Havana and Icehouse when using KVM live block migration does not properly create all expected files which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.

Reference

http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html http://osvdb.org/102416 http://rhn.redhat.com/errata/RHSA-2014-0231.html http://secunia.com/advisories/56450 http://www.openwall.com/lists/oss-security/2014/01/23/5 http://www.securityfocus.com/bid/65106 http://www.ubuntu.com/usn/USN-2247-1 https://bugs.launchpad.net/nova/+bug/1251590 https://exchange.xforce.ibmcloud.com/vulnerabilities/90652 https://review.openstack.org//c/68658/ https://review.openstack.org//c/68659/ https://review.openstack.org//c/68660/

Share on: