CVE-2014-3641
Published: 08 October 2014
The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header.
Priority
Status
Package | Release | Status |
---|---|---|
cinder Launchpad, Ubuntu, Debian |
Upstream |
Released
(2014.1.3-1)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was released [1:2014.1.3-0ubuntu1])
|
|
Patches: Upstream: https://review.openstack.org/#/c/125671/ (juno) Upstream: https://review.openstack.org/#/c/125710/ (icehouse) |