DEBIAN-CVE-2013-7130

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2013-7130

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2013-7130.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2013-7130

Upstream

CVE-2013-7130

Published

2014-02-06T17:00:06Z

Modified

2025-09-19T06:17:51Z

Summary

[none]

Details

The icreateimagesandbacking (aka createimagesand_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.

References

https://security-tracker.debian.org/tracker/CVE-2013-7130

Affected packages

Debian:11 / nova

Package

Name: nova
Purl: pkg:deb/debian/nova?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2013.2.2

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / nova

Package

Name: nova
Purl: pkg:deb/debian/nova?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2013.2.2

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / nova

Package

Name: nova
Purl: pkg:deb/debian/nova?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2013.2.2

Ecosystem specific

{
    "urgency": "low"
}

Debian:14 / nova

Package

Name: nova
Purl: pkg:deb/debian/nova?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2013.2.2

Ecosystem specific

{
    "urgency": "low"
}