nova@19.0.0.0rc1 vulnerabilities

Cloud computing fabric controller

Direct Vulnerabilities

Known vulnerabilities in the nova package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Denial of Service (DoS)

nova is an OpenStack Nova provides a cloud computing fabric controller, supporting a wide variety of compute technologies, including: libvirt (KVM, Xen, LXC and more), Hyper-V, VMware, XenServer, OpenStack Ironic and PowerVM.

Affected versions of this package are vulnerable to Denial of Service (DoS) by creating a neutron port with the direct vnic_type, then creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap. Note: Only Nova deployments configured with SR-IOV are affected.

How to fix Denial of Service (DoS)?

A fix was pushed into the master branch but not yet published.

[0,)
  • M
Open Redirect

nova is an OpenStack Nova provides a cloud computing fabric controller, supporting a wide variety of compute technologies, including: libvirt (KVM, Xen, LXC and more), Hyper-V, VMware, XenServer, OpenStack Ironic and PowerVM.

Affected versions of this package are vulnerable to Open Redirect. The console proxies used (novnc, serial, spice) run in a websockify server whose request handler inherits from the python standard SimpleHTTPRequestHandler. There is a known issue in the SimpleHTTPRequestHandler which allows open redirects by way of URLs in the following format: http://vncproxy.my.domain.com//example.com/%2F.., which if visited, will redirect a user to example.com.

How to fix Open Redirect?

Upgrade nova to version 23.0.2, 22.3.0, 21.2.3 or higher.

[23.0.0.0rc1,23.0.2) [22.0.0.0rc1,22.3.0) (,21.2.3)
  • H
Privilege Escalation

nova is an OpenStack Nova provides a cloud computing fabric controller, supporting a wide variety of compute technologies, including: libvirt (KVM, Xen, LXC and more), Hyper-V, VMware, XenServer, OpenStack Ironic and PowerVM.

Affected versions of this package are vulnerable to Privilege Escalation. An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths as host devices previously referenced by the virtual machine on the source host. This can include block devices that map to different Cinder volumes at the destination than at the source. Only deployments allowing host-based connections (for instance, root and ephemeral devices) are affected.

How to fix Privilege Escalation?

Upgrade nova to version 19.3.1, 20.4.0, 21.1.0 or higher.

(,19.3.1) [20.0.0,20.4.0) [21.0.0,21.1.0)
  • L
Information Exposure

nova is an OpenStack Nova provides a cloud computing fabric controller, supporting a wide variety of compute technologies, including: libvirt (KVM, Xen, LXC and more), Hyper-V, VMware, XenServer, OpenStack Ironic and PowerVM.

Affected versions of this package are vulnerable to Information Exposure. It could leak console auth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access.

Note: All Nova setups using novncproxy are affected.

How to fix Information Exposure?

Upgrade nova to version 18.2.4, 19.1.0, 20.1.0 or higher.

(,18.2.4) [9.0.0.0rc1,19.1.0) [20.0.0.0rc1,20.1.0)
  • M
Information Exposure

nova is an OpenStack Nova provides a cloud computing fabric controller, supporting a wide variety of compute technologies, including: libvirt (KVM, Xen, LXC and more), Hyper-V, VMware, XenServer, OpenStack Ironic and PowerVM.

Affected versions of this package are vulnerable to Information Exposure. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.

How to fix Information Exposure?

Upgrade nova to version 17.0.12, 18.2.2, 19.0.2 or higher.

(,17.0.12) [18.0.0,18.2.2) [19.0.0,19.0.2)