Launchpad CVE tracker

CVE 2014-0134

The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image.

Related bugs and status

CVE-2014-0134 (Candidate) is related to these bugs:

Bug #1185019: rootwrap sudoers configuration does not follow packaging guidelines

		In	Importance	Status
1185019	rootwrap sudoers configuration does not follow packaging guidelines	nova (Ubuntu)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	cinder (Ubuntu)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	neutron (Ubuntu)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	cinder (Ubuntu Saucy)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	neutron (Ubuntu Saucy)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	nova (Ubuntu Saucy)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	cinder (Ubuntu Trusty)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	neutron (Ubuntu Trusty)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	nova (Ubuntu Trusty)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	cinder (Ubuntu Utopic)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	neutron (Ubuntu Utopic)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	nova (Ubuntu Utopic)	High	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	ironic (Ubuntu)	Undecided	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	ironic (Ubuntu Utopic)	Undecided	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	manila (Ubuntu)	Undecided	Fix Released
1185019	rootwrap sudoers configuration does not follow packaging guidelines	manila (Ubuntu Utopic)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2014-0134

References