Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-4183
HistoryAug 07, 2013 - 12:00 a.m.

CVE-2013-4183

2013-08-0700:00:00
ubuntu.com
ubuntu.com
13

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS

0

Percentile

5.1%

The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder
2013.1.1 through 2013.1.2 does not properly clear data when deleting a
snapshot, which allows local users to obtain sensitive information via
unspecified vectors.

Bugs

Notes

Author Note
jdstrand per upstream, Ubuntu 12.10 is not affected fixed in updates of Ubuntu 13.04 c6f2f78 introduced a regression and a21b0e87 also needed
OSVersionArchitecturePackageVersionFilename
ubuntu13.04noarchcinder< 1:2013.1.3-0ubuntu2.1UNKNOWN

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS

0

Percentile

5.1%