QwikSec

Security Database

CVE

CWE

Training

CVE-2012-5625

Published: Dec 26, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume (LV).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

https://bugs.launchpad.net/nova/+bug/1070539

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_OSVDB

[oss-security] 20121211 [OSSA 2012-020] Information leak in libvirt LVM-backed instances (CVE-2012-5625)

mailing-list

x_refsource_MLIST

https://launchpad.net/nova/folsom/2012.2.2

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=884293

x_refsource_MISC

https://github.com/openstack/nova/commit/a99a802e008eed18e39fc1d98170edc495cbd354

x_refsource_CONFIRM

https://github.com/openstack/nova/commit/9d2ea970422591f8cdc394001be9a2deca499a5f

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.