CVE-2013-7130

Name of the Vulnerable Software and Affected Versions OpenStack Compute (Nova) versions Grizzly through Icehouse

Description The issue arises from the i create images and backing method in the libvirt driver, specifically when utilizing KVM live block migration. This method fails to create all expected files, allowing attackers to access the snapshot root disk contents of other users via ephemeral storage.

Recommendations For OpenStack Compute (Nova) versions Grizzly through Icehouse, consider restricting access to the ephemeral storage to minimize the risk of exploitation until a proper fix is applied. As a temporary workaround, review and adjust the configuration of the libvirt driver to ensure proper file creation during KVM live block migration.