Information disclosure in Openstack Compute
CVE-2013-7130
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which all…
Vulnerability class: Information Disclosure
EPSS: 0.031 (87.1th percentile) — read the EPSS interpretation.
Affected products
- Openstack Compute — versions 2012.2, 2013.1, 2013.1.1
- Openstack Grizzly
- Openstack Havana
- Openstack Icehouse
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_CONFIRM, Patch)
- 65106 (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_CONFIRM, Patch)
- openstack-cve20137130-info-disc(90652) (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_MISC)
- 56450 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- 102416 (x_refsource_OSVDB, vdb-entry)
- USN-2247-1 (x_refsource_UBUNTU, vendor-advisory)
- RHSA-2014:0231 (x_refsource_REDHAT, vendor-advisory)