VDB
CVE-2013-7130
CVE-2013-7130
REJECTED
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.
EPSS 3.13% · 87.1th percentile
Risk Scores
EPSS Score
3.13%
87.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:14.04:LTS | nova | 0, 1:2013.2-0ubuntu1, 1:2014.1~b1-0ubuntu2 |
Timeline
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 29, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2013-7130 third-party-advisory
- http://lists.openstack.org/pipermail/openstack-announce/2014-January/000188.html third-party-advisory
- https://ubuntu.com/security/notices/USN-2247-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2013-7130 third-party-advisory