CVE-2016-2140

low-risk
Published 2016-04-12

The libvirt driver in OpenStack Compute (Nova) before 2015.1.4 (kilo) and 12.0.x before 12.0.3 (liberty), when using raw storage and use_cow_images is set to false, allows remote authenticated users to read arbitrary files via a crafted qcow2 header in an ephemeral or root disk.

Do I need to act?

-
0.63% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.3/10 Medium
NETWORK / HIGH complexity

Affected Products (1)

Nova

Affected Vendors

Openstack

References (8)

Mailing List http://www.openwall.com/lists/oss-security/2016/03/08/6
Third Party Advisory http://www.securityfocus.com/bid/84277
Third Party Advisory https://bugs.launchpad.net/nova/+bug/1548450
Patch https://security.openstack.org/ossa/OSSA-2016-007.html
Mailing List http://www.openwall.com/lists/oss-security/2016/03/08/6
Third Party Advisory http://www.securityfocus.com/bid/84277
Third Party Advisory https://bugs.launchpad.net/nova/+bug/1548450
Patch https://security.openstack.org/ossa/OSSA-2016-007.html
24
/ 100
low-risk
Severity 17/34 · Moderate
Exploitability 2/34 · Minimal
Exposure 5/34 · Minimal