1. Home
  2. CVE Database
  3. CVE-2013-7130
HIGH · 7.1

CVE-2013-7130

The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not proper...

Vulnerability Description

The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.

CVSS Score

7.1

HIGH

AV:N/AC:M/Au:N/C:C/I:N/A:N
Confidentiality
COMPLETE
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
OpenstackCompute2012.2
OpenstackGrizzly-
OpenstackHavana-
OpenstackIcehouse-

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2013-7130?

CVE-2013-7130 is a vulnerability with a CVSS score of 7.1 (HIGH). The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not proper...

How severe is CVE-2013-7130?

CVE-2013-7130 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-7130?

Check the references section above for vendor advisories and patch information. Affected products include: Openstack Compute, Openstack Grizzly, Openstack Havana, Openstack Icehouse.