PT-2020-12300 · Red Hat · Red Hat Openstack Platform

Dhananjay Arunesh

Published

2020-07-31

Updated

2021-10-19

CVE-2020-10731

CVSS v3.1

9.9

Critical

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Red Hat OpenStack Platform version 16

Description A flaw was found in the nova libvirt container where it does not have SELinux enabled, causing sVirt, an important isolation mechanism, to be disabled for all running virtual machines.

Recommendations For Red Hat OpenStack Platform version 16, enable SELinux in the nova libvirt container to mitigate the issue. As a temporary workaround, consider restricting access to sensitive virtual machines until SELinux can be enabled.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2020-10731

RHSA-2020:3199

RHSA-2020:3406

RHSA-2020:3410

Affected Products

Red Hat Openstack Platform

PT-2020-12300 · Red Hat · Red Hat Openstack Platform

CVE-2020-10731

Weakness Enumeration

Related Identifiers

Affected Products

References · 4