Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS1ybTg2LWg0NGMtMnIybc4AA-GX

OpenStack Nova vulnerable to unauthorized access to potentially sensitive data

In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file's contents from the server, resulting in unauthorized access to potentially sensitive data. All Nova deployments are affected. NOTE: this issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498.

Permalink: https://github.com/advisories/GHSA-rm86-h44c-2r2m
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1ybTg2LWg0NGMtMnIybc4AA-GX
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 4 months ago
Updated: 24 days ago

CVSS Score: 6.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Identifiers: GHSA-rm86-h44c-2r2m, CVE-2024-40767
References:

• https://nvd.nist.gov/vuln/detail/CVE-2024-40767
• https://launchpad.net/bugs/2071734
• https://security.openstack.org
• https://www.openwall.com/lists/oss-security/2024/07/23/2
• https://review.opendev.org/c/openstack/nova/+/924731
• https://security.openstack.org/ossa/OSSA-2024-002.html
• https://github.com/advisories/GHSA-rm86-h44c-2r2m

Blast Radius: 10.4

Affected Packages