Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1yd2hyLWg2OWctOHFtcc4AAfU3
OpenStack Nova Information leak in libvirt LVM-backed instances
OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume (LV).
Permalink: https://github.com/advisories/GHSA-rwhr-h69g-8qmqJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1yd2hyLWg2OWctOHFtcc4AAfU3
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 2 years ago
Updated: 5 months ago
Identifiers: GHSA-rwhr-h69g-8qmq, CVE-2012-5625
References:
- https://nvd.nist.gov/vuln/detail/CVE-2012-5625
- https://github.com/openstack/nova/commit/9d2ea970422591f8cdc394001be9a2deca499a5f
- https://github.com/openstack/nova/commit/a99a802e008eed18e39fc1d98170edc495cbd354
- https://bugs.launchpad.net/nova/+bug/1070539
- https://bugzilla.redhat.com/show_bug.cgi?id=884293
- https://launchpad.net/nova/folsom/2012.2.2
- http://osvdb.org/88419
- http://rhn.redhat.com/errata/RHSA-2013-0208.html
- http://www.openwall.com/lists/oss-security/2012/12/11/5
- http://www.securityfocus.com/bid/56904
- http://www.ubuntu.com/usn/USN-1663-1
- https://github.com/advisories/GHSA-rwhr-h69g-8qmq
Blast Radius: 0.0
Affected Packages
pypi:nova
Dependent packages: 0Dependent repositories: 40
Downloads: 7,869 last month
Affected Version Ranges: < 12.0.0a0
Fixed in: 12.0.0a0
All affected versions:
All unaffected versions: 15.1.5, 16.1.6, 16.1.7, 16.1.8, 17.0.7, 17.0.8, 17.0.9, 17.0.10, 17.0.11, 17.0.12, 17.0.13, 18.0.2, 18.0.3, 18.1.0, 18.2.0, 18.2.1, 18.2.2, 18.2.3, 18.3.0, 19.0.0, 19.0.1, 19.0.2, 19.0.3, 19.1.0, 19.2.0, 19.3.0, 19.3.1, 19.3.2, 20.0.0, 20.0.1, 20.1.0, 20.1.1, 20.2.0, 20.3.0, 20.4.0, 20.4.1, 20.5.0, 20.6.0, 20.6.1, 21.0.0, 21.1.0, 21.1.1, 21.1.2, 21.2.0, 21.2.1, 21.2.2, 21.2.3, 21.2.4, 22.0.0, 22.0.1, 22.1.0, 22.2.0, 22.2.1, 22.2.2, 22.3.0, 22.4.0, 23.0.0, 23.0.1, 23.0.2, 23.1.0, 23.2.0, 23.2.1, 23.2.2, 24.0.0, 24.1.0, 24.1.1, 24.2.0, 24.2.1, 25.0.0, 25.0.1, 25.1.0, 25.1.1, 25.2.0, 25.2.1, 25.3.0, 26.0.0, 26.1.0, 26.1.1, 26.2.0, 26.2.1, 26.2.2, 26.3.0, 27.0.0, 27.1.0, 27.2.0, 27.3.0, 27.4.0, 27.5.0, 28.0.0, 28.0.1, 28.1.0, 28.2.0, 28.3.0, 29.0.0, 29.0.1, 29.0.2, 29.1.0, 29.2.0, 30.0.0