A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later allocated to a new disk attached to another VM, potentially sensitive data could be revealed to privileged users of that VM.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2018-03-06T15:00:00Z
Updated: 2024-09-17T02:16:32.159Z
Reserved: 2017-12-04T00:00:00
Link: CVE-2018-1062
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-03-06T15:29:00.220
Modified: 2020-02-18T19:07:48.563
Link: CVE-2018-1062
Redhat