漏洞类别:RedHat
漏洞等级: 
漏洞信息
OpenStack Compute (nova) launches and schedules large networks of virtualmachines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required toorchestrate a cloud, including running virtual machine instances andcontrolling access through users and projects. The following packages have been upgraded to a later upstream version:openstack-nova (16.1.4). (BZ#1591212)
Security Fixes: openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host (CVE-2017-18191)
Affected Products:
Red Hat OpenStack 12 x86_64
Red Hat OpenStack for IBM Power 12 ppc64le
漏洞危害
On successful exploitation it could allow an attacker to execute code.
解决方案
Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.
Refer to Red Hat security advisory RHSA-2018:2332 to address this issue and obtain more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论