Date: Wed, 17 Jun 2015 06:33:36 +0200
From: Salvatore Bonaccorso <carnil@...ian.org>
To: oss-security@...ts.openwall.com
Cc: Tristan Cacqueray <tdecacqu@...hat.com>
Subject: Re: [OSSA 2015-011] Cinder host file disclosure
 through qcow2 backing file (CVE-2015-1850)

Hi,

On Tue, Jun 16, 2015 at 10:41:59AM -0700, Tristan Cacqueray wrote:
> =====================================================================
> OSSA-2015-011: Cinder host file disclosure through qcow2 backing file
> =====================================================================
> 
> :Date: June 16, 2015
> :CVE: CVE-2015-1850
> 
> 
> Affects
> ~~~~~~~
> - Cinder: versions through 2014.1.4,
>           and 2014.2 versions through 2014.2.3,
>           and version 2015.1.0
> 
> 
> Description
> ~~~~~~~~~~~
> Bastian Blank from credativ reported a vulnerability in Cinder. By
> overwriting an image with a malicious qcow2 header, an authenticated
> user may mislead Cinder upload-to-image action, resulting in
> disclosure of any file from the Cinder server. All Cinder setups are
> affected.
> 
> 
> Patches
> ~~~~~~~
> - https://review.openstack.org/191871 (Icehouse)
> - https://review.openstack.org/191865 (Juno)
> - https://review.openstack.org/191786 (Kilo)
> - https://review.openstack.org/191785 (Liberty)
> 
> 
> Credits
> ~~~~~~~
> - Bastian Blank from Credativ (CVE-2015-1850)

Could you clarify if this CVE assignment is correct? I noticed that
Red Hat Bugzilla has
https://bugzilla.redhat.com/show_bug.cgi?id=1231816 (CVE-2015-1850)
for the nova issue and similarly
https://bugzilla.redhat.com/show_bug.cgi?id=1231817 (CVE-2015-1851)
for the cinder issue. Is this correct?

Regards and thanks in advance,
Salvatore
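
The advisory above describes the primitive in one sentence: a tenant overwrites a volume that Cinder believes is raw with a qcow2 header whose backing-file field names a path on the Cinder host, and the upload-to-image step follows it. The following is an added example, not code from the advisory, the Cinder patches linked above, or any OpenStack project. It parses the fixed 72-byte qcow2 header (layout per the QEMU qcow2 specification) to recover the backing-file name and shows the kind of pre-conversion check a volume-to-image path can apply: refuse a volume whose recorded format disagrees with its on-disk magic, and refuse any qcow2 that names a backing file. The helper `make_qcow2_header` and the sample volumes are constructed here for demonstration; the function names are this example's own, not Cinder's.

```python
"""Detect a qcow2 header that names a backing file, the primitive behind
CVE-2015-1850 as described in OSSA-2015-011.  Example code, not Cinder's."""
import struct

# qcow2 header layout (big-endian), 72 bytes, per the QEMU qcow2 specification.
# v3 headers append further fields, but these first 72 bytes are the same.
QCOW2_MAGIC = b"QFI\xfb"
_HEADER_FMT = ">4sIQIIQIIQQIIQ"
HEADER_LEN = struct.calcsize(_HEADER_FMT)  # 72


def parse_qcow2_backing_file(data: bytes):
    """Return the backing-file path named in a qcow2 header, or None.

    None means the data is not qcow2 (raw, vhd, ...) or the header names no
    backing file.  A truncated or inconsistent header raises ValueError so
    the caller fails closed instead of guessing.
    """
    if len(data) < HEADER_LEN or data[:4] != QCOW2_MAGIC:
        return None
    (_magic, version, bf_offset, bf_size, _cluster_bits, _size, _crypt,
     _l1_size, _l1_off, _rc_off, _rc_clusters, _nb_snap,
     _snap_off) = struct.unpack_from(_HEADER_FMT, data)
    if version not in (2, 3):
        raise ValueError("unsupported qcow2 version %d" % version)
    if bf_offset == 0 and bf_size == 0:
        return None
    if bf_size > 1023:  # QEMU rejects backing-file names longer than 1023 bytes
        raise ValueError("backing_file_size out of range")
    if bf_offset + bf_size > len(data):
        raise ValueError("backing-file name lies outside the image data")
    return data[bf_offset:bf_offset + bf_size].decode("utf-8", "replace")


def check_volume_for_upload(data: bytes, declared_format: str):
    """Decide whether a volume may be handed to an image converter.

    A volume recorded as 'raw' that starts with the qcow2 magic is treated as
    hostile: a format-autodetecting converter would honour the header, open
    the backing file on the host, and copy its bytes into the uploaded image.
    Returns (ok, reason).
    """
    is_qcow2 = data[:4] == QCOW2_MAGIC
    if declared_format == "raw" and is_qcow2:
        return False, "volume declared raw but carries a qcow2 header"
    backing = parse_qcow2_backing_file(data)
    if backing is not None:
        return False, "qcow2 backing file not allowed: %s" % backing
    return True, "ok"


def make_qcow2_header(backing_file: bytes = b"", cluster_bits: int = 16,
                      size: int = 1 << 20) -> bytes:
    """Build a minimal, constructed (not bootable) qcow2 v2 header for testing.
    The backing-file name, if any, is placed directly after the header."""
    bf_offset = HEADER_LEN if backing_file else 0
    header = struct.pack(_HEADER_FMT, QCOW2_MAGIC, 2, bf_offset, len(backing_file),
                         cluster_bits, size, 0, 1, 1 << cluster_bits,
                         2 << cluster_bits, 1, 0, 0)
    return header + backing_file


# Constructed sample inputs: a benign raw block, and a raw-declared volume that
# a tenant has overwritten with a qcow2 header pointing at a host file.
RAW_VOLUME = b"\x00" * 4096
MALICIOUS_VOLUME = make_qcow2_header(b"/etc/passwd") + b"\x00" * 4096

if __name__ == "__main__":
    for name, vol in (("raw", RAW_VOLUME), ("malicious", MALICIOUS_VOLUME)):
        print(name, check_volume_for_upload(vol, "raw"))
```

The header check alone is not a substitute for passing an explicit source format to the converter (for qemu-img, `-f raw` when the volume is recorded as raw), since it is the converter's autodetection that the overwritten header exploits; the parser is there to reject the volume early and to log what it pointed at.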
