Your submission was sent successfully! Close

CVE-2014-0134

Published: 8 May 2014

The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image.

Priority

Medium

Status

Package Release Status
nova
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable

quantal Not vulnerable

saucy
Released (1:2013.2.3-0ubuntu1.2)
trusty Does not exist
(trusty was not-affected)
upstream
Released (2013.2.2-4)