Back to search
CVE-2014-3641
Published: Oct 8, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2014:1788
vendor-advisory
x_refsource_REDHAT
[oss-security] 20141002 [OSSA 2014-033] Cinder-volume host data leak to vm instance (CVE-2014-3641)
mailing-list
x_refsource_MLIST
70221
vdb-entry
x_refsource_BID
USN-2405-1
vendor-advisory
x_refsource_UBUNTU
https://bugs.launchpad.net/cinder/+bug/1350504
x_refsource_CONFIRM
RHSA-2014:1787
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now