CVE-2013-4183

Currently unrated

Key Information:

Vendor: Openstack
Status: Cinder
Vendor: CVE Published:; 16 September 2013

Summary

The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors.

References

http://rhn.redhat.com/errata/RHSA-2013-1198.html

vendor-advisoryx_refsource_REDHAT

https://bugs.launchpad.net/cinder/+bug/1198185

x_refsource_CONFIRM

http://www.ubuntu.com/usn/USN-2005-1

vendor-advisoryx_refsource_UBUNTU

Timeline

Vulnerability published
Sep 16, 2013
Vulnerability Reserved
Jun 12, 2013