First published: Mon Sep 16 2013(Updated: )
The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
OpenStack Cinder | =2013.1.1 | |
OpenStack Cinder | =2013.1.2 | |
pip/cinder | <7.0.0a0 | 7.0.0a0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.