CVE-2015-2687

Published: 09 August 2017

OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.

Priority

Low

CVSS 3 base score: 4.7

Status

Package Release Status
nova
Launchpad, Ubuntu, Debian
Upstream Ignored
(EoL upstream release)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)

Notes

AuthorNote
sbeattie
according to bug report, issue applies to havana and earlier

References

Bugs