CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 2CVE-2017-18191 – openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host
https://notcve.org/view.php?id=CVE-2017-18191
19 Feb 2018 — An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected. Se ha descubierto un problema en OpenStack Nova en versio... • http://openwall.com/lists/oss-security/2018/04/20/3 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 38%CPEs: 66EXPL: 0CVE-2017-18017 – kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c
https://notcve.org/view.php?id=CVE-2017-18017
03 Jan 2018 — The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. La función tcpmss_mangle_packet en net/netfilter/xt_TCPMSS.c en el kernel de Linux, en versiones anteriores a la 4.11 y en versiones 4.9.x anteriores a la 4.9.36, permite que atacantes remotos p... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-17051
https://notcve.org/view.php?id=CVE-2017-17051
05 Dec 2017 — An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was introduced with the fix for OSSA-2017-005 (CVE-2017-16239); however, only Nova stable/pike or later deployments with that fix applied and relying on the default FilterScheduler are affected. Se ha descubierto un prob... • http://www.securityfocus.com/bid/102102 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 3%CPEs: 3EXPL: 0CVE-2017-16613 – Debian Security Advisory 4044-1
https://notcve.org/view.php?id=CVE-2017-16613
21 Nov 2017 — An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allows attackers to bypass authentication by inserting a token into an X-Auth-Token header of a new request. NOTE: github.com/openstack/swauth URLs do not mean that Swauth is maintained by an official OpenStack project... • http://www.securityfocus.com/bid/101926 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2017-16239 – openstack-nova: Nova Filter Scheduler bypass through rebuild action
https://notcve.org/view.php?id=CVE-2017-16239
14 Nov 2017 — In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters (for example, the ImagePropertiesFilter or the IsolatedHostsFilter). All setups using Nova Filter Scheduler are affected. Because of the regression described in Launchpad Bug #1732947, the preferred fix is a 14.x version after 14.0.10, a 15.x version after 15.0.8, or a 16.x version after 16.0.3. En OpenStack ... • http://www.securityfocus.com/bid/101950 • CWE-841: Improper Enforcement of Behavioral Workflow •
CVSS: 6.5EPSS: 2%CPEs: 3EXPL: 1CVE-2015-5695
https://notcve.org/view.php?id=CVE-2015-5695
31 Aug 2017 — Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set. Designate 2015.1.0 a 1.0.0.0b1, tal y como viene en OpenStack Kilo no ejecuta RecordSets por dominio y Records por cuotas de RecordSet cuando procesa una transferencia de archivos de zona interna, lo que puede... • http://lists.openstack.org/pipermail/openstack/2015-July/013548.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2017-7549 – instack-undercloud: uses hardcoded /tmp paths
https://notcve.org/view.php?id=CVE-2017-7549
30 Aug 2017 — A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files. Se ha encontrado un error en la versión 7.2.0 de instack-undercloud tal y como viene incorporado en Red Hat ... • http://www.securityfocus.com/bid/100407 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12440 – openstack-aodh: Aodh can be used to launder Keystone trusts
https://notcve.org/view.php?id=CVE-2017-12440
18 Aug 2017 — Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust IDs where Aodh is the trustee to obtain a Keystone token and perform unspecified authenticated actions by adding an alarm action with the scheme trust+http, and providing a trust id where Aodh is the trustee. Aodh, ta... • http://www.debian.org/security/2017/dsa-3953 • CWE-306: Missing Authentication for Critical Function CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3156
https://notcve.org/view.php?id=CVE-2015-3156
11 Aug 2017 — The _write_config function in trove/guestagent/datastore/experimental/mongodb/service.py, reset_configuration function in trove/guestagent/datastore/experimental/postgresql/service/config.py, write_config function in trove/guestagent/datastore/experimental/redis/service.py, _write_mycnf function in trove/guestagent/datastore/mysql/service.py, InnoBackupEx::_run_prepare function in trove/guestagent/strategies/restore/mysql_impl.py, InnoBackupEx::cmd function in trove/guestagent/strategies/backup/mysql_impl.p... • https://bugs.launchpad.net/trove/+bug/1398195 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.7EPSS: 0%CPEs: 16EXPL: 0CVE-2015-2687
https://notcve.org/view.php?id=CVE-2015-2687
09 Aug 2017 — OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for. OpenStack Compute (nova) Icehouse, Juno y Havana, cuando la migración en vivo fracasa, permiten que usuarios locales accedan a volúmenes de la máquina virtual a los que normalmente no habrían tenido permiso para hacerlo. • http://www.openwall.com/lists/oss-security/2015/03/24/10 • CWE-284: Improper Access Control •