Lucene search
Ubuntu.comUB:CVE-2013-7130HistoryFeb 06, 2014 - 12:00 a.m.
CVE-2013-7130
2014-02-0600:00:00
ubuntu.com
ubuntu.com
13
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
0.008 Low
EPSS
Percentile
81.0%
The i_create_images_and_backing (aka create_images_and_backing) method in
libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse,
when using KVM live block migration, does not properly create all expected
files, which allows attackers to obtain snapshot root disk contents of
other users via ephemeral storage.
Bugs
- <https://bugs.launchpad.net/nova/+bug/1251590>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736465>
Notes
| Author | Note |
|---|---|
| mdeslaur | OSSA 2014-003 |
| jdstrand | saucy needs no change rebuild for saucy-security Folsom and Essex are affected, but need further backporting |
Related
github
github
OpenStack Nova Live migration can leak root disk into ephemeral storage
2022-05-17 01:29:42
prion
prion
Design/Logic Flaw
2014-02-06 17:00:00
cvelist
cvelist
CVE-2013-7130
2014-02-06 16:00:00
nessus
nessus
Fedora 20 : openstack-nova-2013.2.1-4.fc20 (2014-1463)
2014-02-05 00:00:00
Fedora 19 : openstack-nova-2013.1.4-6.fc19 (2014-1516)
2014-02-05 00:00:00
Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-2247-1)
2014-06-18 00:00:00
cve
cve
CVE-2013-7130
2014-02-06 17:00:00
debiancve
debiancve
CVE-2013-7130
2014-02-06 17:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: openstack-nova-2013.2.1-4.fc20
2014-02-05 03:34:44
[SECURITY] Fedora 20 Update: openstack-nova-2013.2.3-2.fc20
2014-07-12 02:22:30
[SECURITY] Fedora 20 Update: openstack-nova-2013.2.2-1.fc20
2014-02-25 07:53:02
redhat
redhat
(RHSA-2014:0366) Moderate: openstack-nova security and bug fix update
2014-04-03 00:00:00
(RHSA-2014:0231) Moderate: openstack-nova security and bug fix update
2014-03-04 00:00:00
openvas
openvas
Fedora Update for openstack-nova FEDORA-2014-1463
2014-08-06 00:00:00
Fedora Update for openstack-nova FEDORA-2014-7954
2014-07-15 00:00:00
Fedora Update for openstack-nova FEDORA-2014-2554
2014-02-25 00:00:00
veracode
veracode
Infomation Disclosure
2019-05-02 04:57:32
Privilege Escalation
2019-05-02 04:57:32
Denial Of Service (DoS)
2019-05-02 04:57:31
ubuntu
ubuntu
OpenStack Nova vulnerabilities
2014-06-17 00:00:00
securityvulns
securityvulns
[USN-2247-1] OpenStack Nova vulnerabilities
2014-06-19 00:00:00
OpenStack multiple security vulnerabilities
2014-06-19 00:00:00
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
0.008 Low
EPSS
Percentile
81.0%
Related for UB:CVE-2013-7130