Back to search
CVE-2013-7130
Published: Feb 6, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://review.openstack.org/#/c/68659/
x_refsource_CONFIRM
https://review.openstack.org/#/c/68658/
x_refsource_CONFIRM
65106
vdb-entry
x_refsource_BID
https://review.openstack.org/#/c/68660/
x_refsource_CONFIRM
openstack-cve20137130-info-disc(90652)
vdb-entry
x_refsource_XF
https://bugs.launchpad.net/nova/+bug/1251590
x_refsource_MISC
56450
third-party-advisory
x_refsource_SECUNIA
102416
vdb-entry
x_refsource_OSVDB
USN-2247-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2014:0231
vendor-advisory
x_refsource_REDHAT
[oss-security] 20140124 [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130)
mailing-list
x_refsource_MLIST
FEDORA-2014-1463
vendor-advisory
x_refsource_FEDORA
FEDORA-2014-1516
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now