CVE-2013-7130
nova: Live migration can leak root disk into ephemeral storage
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.
El método i_create_images_and_backing (también conocido como create_images_and_backing) en el driver libvirt en OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, cuando hace uso de un bloque de migración KVM en vivo, no crea debidamente todos los archivos esperados, lo que permite a atacantes obtener contenido de una instantánea del disco raíz de otros usuarios a través del almacenamiento efímero.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-12-17 CVE Reserved
- 2014-02-06 CVE Published
- 2023-09-19 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (15)
URL | Tag | Source |
---|---|---|
http://osvdb.org/102416 | Vdb Entry | |
http://www.openwall.com/lists/oss-security/2014/01/23/5 | Mailing List | |
http://www.securityfocus.com/bid/65106 | Vdb Entry | |
https://bugs.launchpad.net/nova/+bug/1251590 | X_refsource_misc | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/90652 | Vdb Entry | |
https://review.openstack.org/#/c/68659 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://review.openstack.org/#/c/68658 | 2017-08-29 | |
https://review.openstack.org/#/c/68660 | 2017-08-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Openstack Search vendor "Openstack" | Compute Search vendor "Openstack" for product "Compute" | 2012.2 Search vendor "Openstack" for product "Compute" and version "2012.2" | - |
Affected
| ||||||
Openstack Search vendor "Openstack" | Compute Search vendor "Openstack" for product "Compute" | 2013.1 Search vendor "Openstack" for product "Compute" and version "2013.1" | - |
Affected
| ||||||
Openstack Search vendor "Openstack" | Compute Search vendor "Openstack" for product "Compute" | 2013.1.1 Search vendor "Openstack" for product "Compute" and version "2013.1.1" | - |
Affected
| ||||||
Openstack Search vendor "Openstack" | Compute Search vendor "Openstack" for product "Compute" | 2013.1.2 Search vendor "Openstack" for product "Compute" and version "2013.1.2" | - |
Affected
| ||||||
Openstack Search vendor "Openstack" | Compute Search vendor "Openstack" for product "Compute" | 2013.1.3 Search vendor "Openstack" for product "Compute" and version "2013.1.3" | - |
Affected
| ||||||
Openstack Search vendor "Openstack" | Grizzly Search vendor "Openstack" for product "Grizzly" | - | - |
Affected
| ||||||
Openstack Search vendor "Openstack" | Havana Search vendor "Openstack" for product "Havana" | - | - |
Affected
| ||||||
Openstack Search vendor "Openstack" | Icehouse Search vendor "Openstack" for product "Icehouse" | - | - |
Affected
|