qcow format could expose host filesystem information
CVE-2011-3147

2.8LOW

Key Information:

Vendor: Openstack
Status: Nova
Vendor: CVE Published:; 22 April 2019

What is CVE-2011-3147?

Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/...

x_refsource_MISC

CVSS V3.1

Score:

2.8

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 22, 2019
Vulnerability Reserved
Aug 16, 2011

Credit

Scott Moser

JSON

Openstack