A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later allocated to a new disk attached to another VM, potentially sensitive data could be revealed to privileged users of that VM.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2018-03-06T15:00:00Z

Updated: 2024-09-17T02:16:32.159Z

Reserved: 2017-12-04T00:00:00

Link: CVE-2018-1062

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2018-03-06T15:29:00.220

Modified: 2020-02-18T19:07:48.563

Link: CVE-2018-1062

cve-icon Redhat

Severity : Low

Publid Date: 2018-03-06T00:00:00Z

Links: CVE-2018-1062 - Bugzilla