Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Ubuntu 12.04 LTS USN-1545-1 Moderate: Nova File Corruption Issue

Calendar Aug 22, 2012 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory moderate denial of service update Ubuntu file corruption nova
Nova could be made to overwrite or corrupt arbitrary files in the compute host file system. 
=========================================================================Ubuntu Security Notice USN-1545-1
August 22, 2012

nova vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS
- Ubuntu 11.10

Summary:

Nova could be made to overwrite or corrupt arbitrary files in the compute
host file system.

Software Description:
- nova: OpenStack Compute cloud infrastructure

Details:

Padraig Brady discovered that the fix for CVE-2012-3361 was incomplete and
an authenticated user could still corrupt arbitrary files on the host
running Nova. A remote attacker could use this to cause a denial of service
or possibly gain privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
  python-nova                     2012.1+stable~20120612-3ee026e-0ubuntu1.3

Ubuntu 11.10:
  python-nova                     2011.3-0ubuntu6.10

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-1545-1
  CVE-2012-3447

Package Information:
  https://launchpad.net/ubuntu/+source/nova/2012.1+stable~20120612-3ee026e-0ubuntu1.3
  https://launchpad.net/ubuntu/+source/nova/2011.3-0ubuntu6.10

Ubuntu 12.04 LTS USN-1545-1 Moderate: Nova File Corruption Issue

ubuntu
Calendar Grey August 22, 2012
Dist Ubuntu Esm H88
The Ubuntu Security Notice USN-1546-1 tackles a critical OpenStack vulnerability posing a risk of unauthorized access on server instances.
Nova could be made to overwrite or corrupt arbitrary files in the compute host file system.

Summary

Topics%20covered

Topics Covered

security advisory moderate denial of service update Ubuntu file corruption nova

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: python-nova 2012.1+stable~20120612-3ee026e-0ubuntu1.3 Ubuntu 11.10: python-nova 2011.3-0ubuntu6.10 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-1545-1

CVE-2012-3447

Severity
important
Lowest
Low
Medium
High
Critical

August 22, 2012

Topics%20covered

Topics Covered

security advisory moderate denial of service update Ubuntu file corruption nova

Package Information

https://launchpad.net/ubuntu/+source/nova/2012.1+stable~20120612-3ee026e-0ubuntu1.3 https://launchpad.net/ubuntu/+source/nova/2011.3-0ubuntu6.10

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here