qcow format could expose host filesystem information
CVE-2011-3147

2.8LOW

Key Information:

Vendor: Openstack
Status: Nova
Vendor: CVE Published:; 22 April 2019

What is CVE-2011-3147?

Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem.

References

http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/...

x_refsource_MISC

CVSS V3.1

Score:

2.8

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2019
Vulnerability Reserved
Aug 16, 2011

Credit

Scott Moser

Openstack

What is CVE-2011-3147?

References

CVSS V3.1

Timeline

Credit