Lucene search

K
seebugRootSSV:60980
HistoryAug 27, 2013 - 12:00 a.m.

OpenStack Cinder 信息泄漏漏洞(CVE-2013-4183)

2013-08-2700:00:00
Root
www.seebug.org
22

EPSS

0

Percentile

5.1%

Bugtraq ID:61689
CVE ID:CVE-2013-4183

OpenStack Cinder是为Openstack提供块存储的功能

OpenStack Cinder LVM卷驱动存在一个安全漏洞,当配置了安全删除(secure delete)时LVM快照内容可能没有正确删除清除,可导致这些数据泄漏给之后租此服务器的租户
0
OpenStack Cinder
厂商解决方案

用户可参考如下厂商提供的安全补丁以修复该漏洞:
Havana (development branch) fix:
https://review.openstack.org/36506
Grizzly fix:
https://review.openstack.org/39565