What is CVE-2020-10731?

CVE-2020-10731 is a vulnerability found in the nova_libvirt container provided by Red Hat OpenStack Platform 16, where SELinux is disabled, causing the important isolation mechanism sVirt to be disabled for all running virtual machines.

What is the severity of CVE-2020-10731?

CVE-2020-10731 has a severity rating of 9.9 (Critical).

How does CVE-2020-10731 affect Red Hat OpenStack Platform 15.0?

Red Hat OpenStack Platform 15.0 is affected by CVE-2020-10731 with SELinux disabled in the nova_libvirt container, causing sVirt to be disabled for all running virtual machines.

How does CVE-2020-10731 affect Red Hat OpenStack Platform 16.0 and 16.1?

Red Hat OpenStack Platform 16.0 and 16.1 are affected by CVE-2020-10731 with SELinux disabled in the nova_libvirt container, causing sVirt to be disabled for all running virtual machines.

How can I fix CVE-2020-10731?

To fix CVE-2020-10731, it is recommended to update the affected package to version 11.3.2 for Red Hat OpenStack Platform 16, and version 10.6.3 for Red Hat OpenStack Platform 15.0.

Vulnerability/
CVE-2020-10731

critical

9.9

CWE

284

5/5/2020

31/7/2020

19/10/2021

CVE-2020-10731

First published: Tue May 05 2020(Updated: )

A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Redhat Openstack Platform	=15.0
Redhat Openstack Platform	=16.0
Redhat Openstack Platform	=16.1
redhat/openstack-tripleo-heat-templates	<11.3.2	11.3.2
redhat/openstack-tripleo-heat-templates	<10.6.3	10.6.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2020-10731?
CVE-2020-10731 is a vulnerability found in the nova_libvirt container provided by Red Hat OpenStack Platform 16, where SELinux is disabled, causing the important isolation mechanism sVirt to be disabled for all running virtual machines.
What is the severity of CVE-2020-10731?
CVE-2020-10731 has a severity rating of 9.9 (Critical).
How does CVE-2020-10731 affect Red Hat OpenStack Platform 15.0?
Red Hat OpenStack Platform 15.0 is affected by CVE-2020-10731 with SELinux disabled in the nova_libvirt container, causing sVirt to be disabled for all running virtual machines.
How does CVE-2020-10731 affect Red Hat OpenStack Platform 16.0 and 16.1?
Red Hat OpenStack Platform 16.0 and 16.1 are affected by CVE-2020-10731 with SELinux disabled in the nova_libvirt container, causing sVirt to be disabled for all running virtual machines.
How can I fix CVE-2020-10731?
To fix CVE-2020-10731, it is recommended to update the affected package to version 11.3.2 for Red Hat OpenStack Platform 16, and version 10.6.3 for Red Hat OpenStack Platform 15.0.

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
collector/nvd-index
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2020-10731
agent/software-canonical-lookup
vendor/redhat
canonical/redhat openstack platform
version/redhat openstack platform/15.0
version/redhat openstack platform/16.0
version/redhat openstack platform/16.1
package-manager/redhat

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.