CVE-2013-7130 - Vulnerability Details

Vendors	Products
Openstack	Compute Grizzly Havana Icehouse
Redhat	Openstack

Package	CPE	Advisory	Released Date
OpenStack 3 for RHEL 6
openstack-nova-0:2013.1.5-2.el6ost	cpe:/a:redhat:openstack:3::el6	RHSA-2014:0366	2014-04-03T00:00:00Z
OpenStack 4 for RHEL 6
openstack-nova-0:2013.2.2-2.el6ost	cpe:/a:redhat:openstack:4::el6	RHSA-2014:0231	2014-03-04T00:00:00Z

Link	Providers
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html
http://osvdb.org/102416
http://rhn.redhat.com/errata/RHSA-2014-0231.html
http://secunia.com/advisories/56450
http://www.openwall.com/lists/oss-security/2014/01/23/5
http://www.securityfocus.com/bid/65106
http://www.ubuntu.com/usn/USN-2247-1
https://bugs.launchpad.net/nova/+bug/1251590
https://exchange.xforce.ibmcloud.com/vulnerabilities/90652
https://nvd.nist.gov/vuln/detail/CVE-2013-7130
https://review.openstack.org/#/c/68658/
https://review.openstack.org/#/c/68659/
https://review.openstack.org/#/c/68660/
https://www.cve.org/CVERecord?id=CVE-2013-7130

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-01-24T00:00:00", "descriptions": [{"lang": "en", "value": "The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://review.openstack.org/#/c/68659/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://review.openstack.org/#/c/68658/"}, {"name": "65106", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/65106"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://review.openstack.org/#/c/68660/"}, {"name": "openstack-cve20137130-info-disc(90652)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90652"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.launchpad.net/nova/+bug/1251590"}, {"name": "56450", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56450"}, {"name": "102416", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/102416"}, {"name": "USN-2247-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2247-1"}, {"name": "RHSA-2014:0231", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0231.html"}, {"name": "[oss-security] 20140124 [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/01/23/5"}, {"name": "FEDORA-2014-1463", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html"}, {"name": "FEDORA-2014-1516", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-7130", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://review.openstack.org/#/c/68659/", "refsource": "CONFIRM", "url": "https://review.openstack.org/#/c/68659/"}, {"name": "https://review.openstack.org/#/c/68658/", "refsource": "CONFIRM", "url": "https://review.openstack.org/#/c/68658/"}, {"name": "65106", "refsource": "BID", "url": "http://www.securityfocus.com/bid/65106"}, {"name": "https://review.openstack.org/#/c/68660/", "refsource": "CONFIRM", "url": "https://review.openstack.org/#/c/68660/"}, {"name": "openstack-cve20137130-info-disc(90652)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90652"}, {"name": "https://bugs.launchpad.net/nova/+bug/1251590", "refsource": "MISC", "url": "https://bugs.launchpad.net/nova/+bug/1251590"}, {"name": "56450", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56450"}, {"name": "102416", "refsource": "OSVDB", "url": "http://osvdb.org/102416"}, {"name": "USN-2247-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2247-1"}, {"name": "RHSA-2014:0231", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0231.html"}, {"name": "[oss-security] 20140124 [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/01/23/5"}, {"name": "FEDORA-2014-1463", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html"}, {"name": "FEDORA-2014-1516", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T18:01:19.335Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://review.openstack.org/#/c/68659/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://review.openstack.org/#/c/68658/"}, {"name": "65106", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/65106"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://review.openstack.org/#/c/68660/"}, {"name": "openstack-cve20137130-info-disc(90652)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90652"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.launchpad.net/nova/+bug/1251590"}, {"name": "56450", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56450"}, {"name": "102416", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/102416"}, {"name": "USN-2247-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2247-1"}, {"name": "RHSA-2014:0231", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0231.html"}, {"name": "[oss-security] 20140124 [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/01/23/5"}, {"name": "FEDORA-2014-1463", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html"}, {"name": "FEDORA-2014-1516", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-7130", "datePublished": "2014-02-06T16:00:00", "dateReserved": "2013-12-17T00:00:00", "dateUpdated": "2024-08-06T18:01:19.335Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2014-01-24T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-08-28T12:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://review.openstack.org/#/c/68659/ (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://review.openstack.org/#/c/68658/ (string)

}

2 : { »

name : 65106 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/65106 (string)

}

3 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://review.openstack.org/#/c/68660/ (string)

}

4 : { »

name : openstack-cve20137130-info-disc(90652) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/90652 (string)

}

5 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://bugs.launchpad.net/nova/+bug/1251590 (string)

}

6 : { »

name : 56450 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/56450 (string)

}

7 : { »

name : 102416 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/102416 (string)

}

8 : { »

name : USN-2247-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

]

url : http://www.ubuntu.com/usn/USN-2247-1 (string)

}

9 : { »

name : RHSA-2014:0231 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2014-0231.html (string)

}

10 : { »

name : [oss-security] 20140124 [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130) (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://www.openwall.com/lists/oss-security/2014/01/23/5 (string)

}

11 : { »

name : FEDORA-2014-1463 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html (string)

}

12 : { »

name : FEDORA-2014-1516 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2013-7130 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://review.openstack.org/#/c/68659/ (string)

refsource : CONFIRM (string)

url : https://review.openstack.org/#/c/68659/ (string)

}

1 : { »

name : https://review.openstack.org/#/c/68658/ (string)

refsource : CONFIRM (string)

url : https://review.openstack.org/#/c/68658/ (string)

}

2 : { »

name : 65106 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/65106 (string)

}

3 : { »

name : https://review.openstack.org/#/c/68660/ (string)

refsource : CONFIRM (string)

url : https://review.openstack.org/#/c/68660/ (string)

}

4 : { »

name : openstack-cve20137130-info-disc(90652) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/90652 (string)

}

5 : { »

name : https://bugs.launchpad.net/nova/+bug/1251590 (string)

refsource : MISC (string)

url : https://bugs.launchpad.net/nova/+bug/1251590 (string)

}

6 : { »

name : 56450 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/56450 (string)

}

7 : { »

name : 102416 (string)

refsource : OSVDB (string)

url : http://osvdb.org/102416 (string)

}

8 : { »

name : USN-2247-1 (string)

refsource : UBUNTU (string)

url : http://www.ubuntu.com/usn/USN-2247-1 (string)

}

9 : { »

name : RHSA-2014:0231 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2014-0231.html (string)

}

10 : { »

name : [oss-security] 20140124 [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130) (string)

refsource : MLIST (string)

url : http://www.openwall.com/lists/oss-security/2014/01/23/5 (string)

}

11 : { »

name : FEDORA-2014-1463 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html (string)

}

12 : { »

name : FEDORA-2014-1516 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T18:01:19.335Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://review.openstack.org/#/c/68659/ (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://review.openstack.org/#/c/68658/ (string)

}

2 : { »

name : 65106 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/65106 (string)

}

3 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://review.openstack.org/#/c/68660/ (string)

}

4 : { »

name : openstack-cve20137130-info-disc(90652) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/90652 (string)

}

5 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://bugs.launchpad.net/nova/+bug/1251590 (string)

}

6 : { »

name : 56450 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/56450 (string)

}

7 : { »

name : 102416 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/102416 (string)

}

8 : { »

name : USN-2247-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

2 : x_transferred (string)

]

url : http://www.ubuntu.com/usn/USN-2247-1 (string)

}

9 : { »

name : RHSA-2014:0231 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2014-0231.html (string)

}

10 : { »

name : [oss-security] 20140124 [OSSA 2014-003] Live migration can leak root disk into ephemeral storage (CVE-2013-7130) (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://www.openwall.com/lists/oss-security/2014/01/23/5 (string)

}

11 : { »

name : FEDORA-2014-1463 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html (string)

}

12 : { »

name : FEDORA-2014-1516 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2013-7130 (string)

datePublished : 2014-02-06T16:00:00 (string)

dateReserved : 2013-12-17T00:00:00 (string)

dateUpdated : 2024-08-06T18:01:19.335Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:compute:2012.2:*:*:*:*:*:*:*", "matchCriteriaId": "0E9D8029-F7DD-435D-B4F4-D3DABDB7333B", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:compute:2013.1:*:*:*:*:*:*:*", "matchCriteriaId": "6DE1DE9A-0D08-448B-AF80-7ACA236F2A83", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:compute:2013.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A1A5AAEB-0A8F-4ECF-B184-6A78B882817A", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:compute:2013.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "E8596FDB-87DD-4D06-9923-75EFE7E3F9A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:compute:2013.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "FA06A9A5-0924-4137-85AF-DB9C7C246DAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:*", "matchCriteriaId": "A83ED744-9E3D-4510-B3E6-6DDE1090F0B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:havana:-:*:*:*:*:*:*:*", "matchCriteriaId": "77522028-683C-4708-AF46-50B49A0A2D15", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:icehouse:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC112BBD-F3D2-4192-B11A-B99D54B08D99", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage."}, {"lang": "es", "value": "El m\u00e9todo i_create_images_and_backing (tambi\u00e9n conocido como create_images_and_backing) en el driver libvirt en OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, cuando hace uso de un bloque de migraci\u00f3n KVM en vivo, no crea debidamente todos los archivos esperados, lo que permite a atacantes obtener contenido de una instant\u00e1nea del disco ra\u00edz de otros usuarios a trav\u00e9s del almacenamiento ef\u00edmero."}], "id": "CVE-2013-7130", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-02-06T17:00:06.977", "references": [{"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html"}, {"source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/102416"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2014-0231.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/56450"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2014/01/23/5"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/65106"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2247-1"}, {"source": "cve@mitre.org", "url": "https://bugs.launchpad.net/nova/+bug/1251590"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90652"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://review.openstack.org/#/c/68658/"}, {"source": "cve@mitre.org", "url": "https://review.openstack.org/#/c/68659/"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://review.openstack.org/#/c/68660/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/102416"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2014-0231.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/56450"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2014/01/23/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/65106"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2247-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.launchpad.net/nova/+bug/1251590"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90652"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://review.openstack.org/#/c/68658/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://review.openstack.org/#/c/68659/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://review.openstack.org/#/c/68660/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:openstack:compute:2012.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 0E9D8029-F7DD-435D-B4F4-D3DABDB7333B (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:openstack:compute:2013.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 6DE1DE9A-0D08-448B-AF80-7ACA236F2A83 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:openstack:compute:2013.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : A1A5AAEB-0A8F-4ECF-B184-6A78B882817A (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:openstack:compute:2013.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : E8596FDB-87DD-4D06-9923-75EFE7E3F9A0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:openstack:compute:2013.1.3:*:*:*:*:*:*:* (string)

matchCriteriaId : FA06A9A5-0924-4137-85AF-DB9C7C246DAC (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:openstack:grizzly:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A83ED744-9E3D-4510-B3E6-6DDE1090F0B7 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:openstack:havana:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 77522028-683C-4708-AF46-50B49A0A2D15 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:openstack:icehouse:-:*:*:*:*:*:*:* (string)

matchCriteriaId : FC112BBD-F3D2-4192-B11A-B99D54B08D99 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage. (string)

}

1 : { »

lang : es (string)

value : El método i_create_images_and_backing (también conocido como create_images_and_backing) en el driver libvirt en OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, cuando hace uso de un bloque de migración KVM en vivo, no crea debidamente todos los archivos esperados, lo que permite a atacantes obtener contenido de una instantánea del disco raíz de otros usuarios a través del almacenamiento efímero. (string)

}

]

id : CVE-2013-7130 (string)

lastModified : 2025-04-11T00:51:21.963 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 7.1 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:C/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2014-02-06T17:00:06.977 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html (string)

}

1 : { »

source : cve@mitre.org (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html (string)

}

2 : { »

source : cve@mitre.org (string)

url : http://osvdb.org/102416 (string)

}

3 : { »

source : cve@mitre.org (string)

url : http://rhn.redhat.com/errata/RHSA-2014-0231.html (string)

}

4 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://secunia.com/advisories/56450 (string)

}

5 : { »

source : cve@mitre.org (string)

url : http://www.openwall.com/lists/oss-security/2014/01/23/5 (string)

}

6 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/bid/65106 (string)

}

7 : { »

source : cve@mitre.org (string)

url : http://www.ubuntu.com/usn/USN-2247-1 (string)

}

8 : { »

source : cve@mitre.org (string)

url : https://bugs.launchpad.net/nova/+bug/1251590 (string)

}

9 : { »

source : cve@mitre.org (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/90652 (string)

}

10 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

]

url : https://review.openstack.org/#/c/68658/ (string)

}

11 : { »

source : cve@mitre.org (string)

url : https://review.openstack.org/#/c/68659/ (string)

}

12 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

]

url : https://review.openstack.org/#/c/68660/ (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://osvdb.org/102416 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://rhn.redhat.com/errata/RHSA-2014-0231.html (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://secunia.com/advisories/56450 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.openwall.com/lists/oss-security/2014/01/23/5 (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/65106 (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.ubuntu.com/usn/USN-2247-1 (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://bugs.launchpad.net/nova/+bug/1251590 (string)

}

22 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/90652 (string)

}

23 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://review.openstack.org/#/c/68658/ (string)

}

24 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://review.openstack.org/#/c/68659/ (string)

}

25 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://review.openstack.org/#/c/68660/ (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-200 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"acknowledgement": "Red Hat would like to thank OpenStack project for reporting this issue.", "affected_release": [{"advisory": "RHSA-2014:0366", "cpe": "cpe:/a:redhat:openstack:3::el6", "package": "openstack-nova-0:2013.1.5-2.el6ost", "product_name": "OpenStack 3 for RHEL 6", "release_date": "2014-04-03T00:00:00Z"}, {"advisory": "RHSA-2014:0231", "cpe": "cpe:/a:redhat:openstack:4::el6", "package": "openstack-nova-0:2013.2.2-2.el6ost", "product_name": "OpenStack 4 for RHEL 6", "release_date": "2014-03-04T00:00:00Z"}], "bugzilla": {"description": "nova: Live migration can leak root disk into ephemeral storage", "id": "1055400", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1055400"}, "csaw": false, "cvss": {"cvss_base_score": "3.5", "cvss_scoring_vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "status": "verified"}, "details": ["The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage."], "name": "CVE-2013-7130", "public_date": "2014-01-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-7130\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-7130"], "threat_severity": "Moderate"}

{

acknowledgement : Red Hat would like to thank OpenStack project for reporting this issue. (string)

affected_release : [ »

0 : { »

advisory : RHSA-2014:0366 (string)

cpe : cpe:/a:redhat:openstack:3::el6 (string)

package : openstack-nova-0:2013.1.5-2.el6ost (string)

product_name : OpenStack 3 for RHEL 6 (string)

release_date : 2014-04-03T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2014:0231 (string)

cpe : cpe:/a:redhat:openstack:4::el6 (string)

package : openstack-nova-0:2013.2.2-2.el6ost (string)

product_name : OpenStack 4 for RHEL 6 (string)

release_date : 2014-03-04T00:00:00Z (string)

}

]

bugzilla : { »

description : nova: Live migration can leak root disk into ephemeral storage (string)

id : 1055400 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1055400 (string)

}

csaw : false (boolean)

cvss : { »

cvss_base_score : 3.5 (string)

cvss_scoring_vector : AV:N/AC:M/Au:S/C:P/I:N/A:N (string)

status : verified (string)

}

details : [ »

0 : The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage. (string)

]

name : CVE-2013-7130 (string)

public_date : 2014-01-23T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2013-7130 https://nvd.nist.gov/vuln/detail/CVE-2013-7130 (string)

]

threat_severity : Moderate (string)

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object