Vulnerability category: Local
Vulnerability severity:
Vulnerability information
OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a datacenter.
An information-exposure flaw was found in the OpenStack Compute (nova) resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content on the specified device would be leaked to the user. Only setups using libvirt with raw storage and "use_cow_images = False" were affected. (CVE-2016-2140)
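A defensive check for the condition described above, as an added example that is not part of the advisory or of nova's own code: it reads the start of a disk file that is expected to be raw and reports whether it carries a qcow header naming a backing file. The function names and sample bytes are hypothetical and constructed here; the header field layout follows the public QEMU qcow2 format specification.

```python
import struct

QCOW_MAGIC = b"QFI\xfb"
# Big-endian fields: magic, version, backing_file_offset, backing_file_size
HEADER = struct.Struct(">4sIQI")

def inspect_disk_bytes(data: bytes) -> dict:
    """Classify the leading bytes of a disk file that is expected to be raw."""
    result = {"qcow_header": False, "version": None, "backing_file": None}
    if len(data) < HEADER.size:
        return result  # too short to hold a qcow header
    magic, version, off, length = HEADER.unpack_from(data)
    if magic != QCOW_MAGIC:
        return result  # no qcow magic: consistent with raw data
    result.update(qcow_header=True, version=version)
    if off and length:
        # The name may lie beyond the bytes that were read; still report it.
        name = data[off:off + length].decode("utf-8", "replace")
        result["backing_file"] = name or "<beyond read window>"
    return result

def inspect_disk_file(path: str, window: int = 1 << 20) -> dict:
    """Inspect the first `window` bytes of the file at `path`."""
    with open(path, "rb") as fh:
        return inspect_disk_bytes(fh.read(window))

def needs_review(result: dict) -> bool:
    """True when a supposedly raw disk has a qcow header with a backing file."""
    return bool(result["qcow_header"] and result["backing_file"] is not None)

def constructed_samples() -> dict:
    """Constructed sample inputs (not taken from any real instance disk)."""
    name = b"/constructed/backing-path"
    with_backing = HEADER.pack(QCOW_MAGIC, 3, 112, len(name)).ljust(112, b"\0") + name
    return {
        "plain_raw": b"\0" * 512,
        "qcow_no_backing": HEADER.pack(QCOW_MAGIC, 3, 0, 0).ljust(112, b"\0"),
        "qcow_with_backing": with_backing,
        "truncated": b"QFI",
    }

if __name__ == "__main__":
    for label, blob in constructed_samples().items():
        r = inspect_disk_bytes(blob)
        print(label, r, "REVIEW" if needs_review(r) else "ok")
```

A flagged disk on a host configured with "use_cow_images = False" warrants investigation before any resize or migration of that instance.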
Vulnerability impact
On successful exploitation, it allows remote authenticated users to read arbitrary files and execute code on the machine.
Solution
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2016:0363 to address this issue and obtain more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities: