First published: Wed Oct 08 2014(Updated: )
The (1) GlusterFS and (2) Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
OpenStack Cinder | <=2014.1.2 | |
OpenStack Cinder | =2014.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.