CVE-2017-18191

Опубликовано: 19 фев. 2018

Источник: ubuntu

Приоритет: low

CVSS2: 7.8

CVSS3: 7.5

Описание

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.

Релиз	Статус	Примечание
artful	released	2:16.1.2-0ubuntu1
bionic	not-affected	2:17.0.3-0ubuntu1
cosmic	not-affected	2:18.0.0~b1-0ubuntu1
devel	not-affected	2:18.0.0~b1-0ubuntu1
disco	not-affected	2:18.0.0~b1-0ubuntu1
eoan	not-affected	2:18.0.0~b1-0ubuntu1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needed]
esm-infra/bionic	not-affected	2:17.0.3-0ubuntu1
esm-infra/focal	not-affected	2:18.0.0~b1-0ubuntu1
esm-infra/xenial	released	2:13.1.4-0ubuntu4.5+esm1

Показывать по

Ссылки на источники

7.8 High

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2017-18191

CVSS3: 6.5

redhat

почти 8 лет назад

CVE-2017-18191

CVSS3: 7.5

nvd

почти 8 лет назад

CVE-2017-18191

CVSS3: 7.5

debian

почти 8 лет назад

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x ...

GHSA-ffmh-r67w-m88f

CVSS3: 7.5

github

больше 3 лет назад

OpenStack Nova Denial of service attack on the compute host

7.8 High

CVSS2

7.5 High

CVSS3

CVE-2017-18191

Описание

Пакет nova

Ссылки на источники

Связанные уязвимости