Описание
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.
An arbitrary file access flaw was found in Nova. By supplying a RAW format image, a specially crafted QCOW2 image with a backing file path, or a VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file’s contents from the server. This issue results in unauthorized access to potentially sensitive data.
Отчет
This vulnerability was rated with a severity of Important due to the potential to read sensitive information from a Nova compute host. This vulnerability was introduced as a result of the fixes for CVE-2024-32498 and only affects versions of Nova that include the patches for CVE-2024-32498.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenStack Platform 18.0 | openstack-nova | Not affected | ||
| Red Hat OpenStack Platform 16.1 | openstack-nova | Fixed | RHSA-2024:5113 | 08.08.2024 |
| Red Hat OpenStack Platform 16.2 | openstack-nova | Fixed | RHSA-2024:5097 | 07.08.2024 |
| Red Hat OpenStack Platform 17.1 for RHEL 8 | openstack-nova | Fixed | RHSA-2024:5082 | 07.08.2024 |
| Red Hat OpenStack Platform 17.1 for RHEL 9 | openstack-nova | Fixed | RHSA-2024:5083 | 07.08.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1. ...
OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
EPSS
5.5 Medium
CVSS3