CVE-2017-18191

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...

CVE-2017-18191

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...

Design/Logic Flaw

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...

CVE-2017-18191

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. The same code error...

Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update

An update for openstack-nova is now available for Red Hat OpenStack Platform 11.0 Ocata. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

How to Mitigate the Threat Cryptocurrency Mining Poses to Enterprise Security

The growing popularity of Bitcoin and other cryptocurrencies is generating curiosity—and concern—among security specialists. Crypto mining software has been found on user machines, often installed by botnets. Organizations need to understand the risks posed by this software and what actions, if...

Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update

An update for openstack-nova is now available for Red Hat OpenStack Platform 12.0 Pike. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

Spoofing

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

UBUNTU-CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...

CVE-2017-15114

Technical details are not publicly available in the provided connected documents. The CVE description is repeated across sources without specifics on affected products, versions, or fixes. Monitor for updates from vendor advisories.

CVE-2017-15114

When libvirtd is configured by OSP director tripleo-heat-templates to use TLS transport, it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured, this allows these services to connect to libvirtd which is equivalent to root access...

CVE-2015-2687

OpenStack Compute nova Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for...

CVE-2015-2687

OpenStack Compute nova Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for...

CVE-2015-2687

OpenStack Compute nova Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for...

Design/Logic Flaw

OpenStack Compute nova Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for...

PYSEC-2017-145

OpenStack Compute nova Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for...

CVE-2015-2687

OpenStack Compute (Nova) vulnerability CVE-2015-2687 affects Icehouse, Juno and Havana. When live migration fails, local users can access VM volumes they normally should not be able to access. The provided connected documents do not specify the underlying root cause, affected component details be...

CVE-2015-2687

OpenStack Compute nova Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for...