CVE-2015-7548

Name of the Vulnerable Software and Affected Versions OpenStack Compute (Nova) versions prior to 2015.1.3 (kilo) OpenStack Compute (Nova) versions 12.0.x prior to 12.0.1 (liberty)

Description The issue allows remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot, when using libvirt to spawn instances and use cow images is set to false.

Recommendations For OpenStack Compute (Nova) versions prior to 2015.1.3 (kilo), update to version 2015.1.3 or later. For OpenStack Compute (Nova) versions 12.0.x prior to 12.0.1 (liberty), update to version 12.0.1 or later. As a temporary workaround, consider setting use cow images to true to minimize the risk of exploitation.