CVE-2012-5625

NONECVSS 0.0

0.0

OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume (LV).

🔗 References (20)

secalert@redhathttp://osvdb.org/88419
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2013-0208.html
secalert@redhathttp://www.openwall.com/lists/oss-security/2012/12/11/5
secalert@redhathttp://www.securityfocus.com/bid/56904
secalert@redhathttp://www.ubuntu.com/usn/USN-1663-1
secalert@redhathttps://bugs.launchpad.net/nova/+bug/1070539
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=884293
secalert@redhathttps://github.com/openstack/nova/commit/9d2ea970422591f8cdc394001be9a2deca499a5f
secalert@redhathttps://github.com/openstack/nova/commit/a99a802e008eed18e39fc1d98170edc495cbd354
secalert@redhathttps://launchpad.net/nova/folsom/2012.2.2
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/88419
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0208.html
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/12/11/5
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/56904
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1663-1

Is Your Infrastructure Affected by CVE-2012-5625?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-5625

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-5625?