Adds OSSA 2016-007 (CVE-2016-2140)

Change-Id: I95d3a2211e25e7e121b4a67a729e4c4364eb1118 Related-Bug: #1548450
2016-03-08 10:05:25 -05:00 · 2016-03-08 10:05:25 -05:00 · 51a4f35c3e
parent 2666088c83
commit 51a4f35c3e
1 changed files with 49 additions and 0 deletions
--- a/ossa/OSSA-2016-007.yaml
+++ b/ossa/OSSA-2016-007.yaml
@ -0,0 +1,49 @@
+date: 2016-03-08
+
+id: OSSA-2016-007
+
+title: 'Nova host data leak through resize/migration'
+
+description: 'Matthew Booth from Red Hat reported a vulnerability in Nova instance
+    resize/migration. By overwriting an ephemeral or root disk with a malicious
+    image before requesting a resize, an authenticated user may be able to read
+    arbitrary files from the compute host. Only setups using libvirt driver with
+    raw storage and setting "use_cow_images = False" (not default) are affected.'
+
+affected-products:
+
+  - product: nova
+    version: "<=2015.1.3, >=12.0.0 <=12.0.2"
+
+vulnerabilities:
+
+  - cve-id: CVE-2016-2140
+
+reporters:
+
+  - name: 'Matthew Booth'
+    affiliation: Red Hat
+    reported:
+      - CVE-2016-2140
+
+issues:
+
+  links:
+    - https://bugs.launchpad.net/bugs/1548450
+
+reviews:
+
+  mitaka:
+    - https://review.openstack.org/289957
+
+  liberty:
+    - https://review.openstack.org/289958
+
+  kilo:
+    - https://review.openstack.org/289960
+
+  type: gerrit
+
+notes:
+  - 'This fix will be included in future 2015.1.3 (kilo) and 12.0.3 (liberty)
+     releases.'