// For flags

CVE-2017-18191

openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.

Se ha descubierto un problema en OpenStack Nova en versiones 15.x hasta la 15.1.0 y 16.x hasta la 16.1.1. Al desconectar y volver a conectar un volumen cifrado, un atacante podría acceder al volumen en bruto subyacente y corromper la cabecera LUKS, resultando en un ataque de denegación de servicio (DoS) en el host de computación. (El mismo código de error resulta en pérdida de datos, pero no se trata de una vulnerabilidad porque el usuario pierde sus propios datos). Todas las configuraciones de Nova que soportan volúmenes cifrados están afectadas.

OpenStack Nova has a vulnerability in the handling of encrypted volumes. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. All Nova installations supporting encrypted volumes are affected.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-02-19 CVE Reserved
  • 2018-02-19 CVE Published
  • 2023-07-13 EPSS Updated
  • 2024-08-05 CVE Updated
  • 2024-08-05 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openstack
Search vendor "Openstack"
Nova
Search vendor "Openstack" for product "Nova"
>= 15.0.0 <= 15.1.0
Search vendor "Openstack" for product "Nova" and version " >= 15.0.0 <= 15.1.0"
-
Affected
Openstack
Search vendor "Openstack"
Nova
Search vendor "Openstack" for product "Nova"
>= 16.0.0 <= 16.1.1
Search vendor "Openstack" for product "Nova" and version " >= 16.0.0 <= 16.1.1"
-
Affected
Redhat
Search vendor "Redhat"
Openstack
Search vendor "Redhat" for product "Openstack"
9
Search vendor "Redhat" for product "Openstack" and version "9"
-
Affected
Redhat
Search vendor "Redhat"
Openstack
Search vendor "Redhat" for product "Openstack"
10
Search vendor "Redhat" for product "Openstack" and version "10"
-
Affected
Redhat
Search vendor "Redhat"
Openstack
Search vendor "Redhat" for product "Openstack"
12
Search vendor "Redhat" for product "Openstack" and version "12"
-
Affected