oss-security - [OSSA 2014-001] Nova live snapshots use an insecure local directory (CVE-2013-7048)

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [day] [month] [year] [list]

Date: Mon, 13 Jan 2014 14:44:51 +0100
From: Thierry Carrez <thierry@...nstack.org>
To: Open Source Security <oss-security@...ts.openwall.com>
Subject: [OSSA 2014-001] Nova live snapshots use an insecure local directory
 (CVE-2013-7048)

OpenStack Security Advisory: 2014-001
CVE: CVE-2013-7048
Date: January 13, 2013
Title: Nova live snapshots use an insecure local directory
Reporter: Daniel Berrange (Red Hat)
Products: Nova
Affects: Grizzly and later

Description:
Daniel Berrange from Red Hat reported that the directories used to
temporarily store live snapshots on Nova compute nodes were writable to
all local users. A local attacker with shell access on compute nodes
could therefore read and modify the contents of live snapshots before
those are uploaded to the image service.

Icehouse (development branch) fix:
https://review.openstack.org/#/c/58852/

Havana fix:
https://review.openstack.org/#/c/60548/

Grizzly fix:
https://review.openstack.org/#/c/60550/

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7048
https://bugs.launchpad.net/nova/+bug/1227027

Regards,

-- 
Thierry Carrez
OpenStack Vulnerability Management Team


Download attachment "signature.asc" of type "application/pgp-signature" (902 bytes)

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.