(RHSA-2018:2332) Moderate: openstack-nova security, bug fix, and enhancement update

2018-08-2012:40:14

access.redhat.com

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

69.5%

JSON

OpenStack Compute (nova) launches and schedules large networks of virtual
machines, creating a redundant and scalable cloud computing platform.
Compute provides the software, control panels, and APIs required to
orchestrate a cloud, including running virtual machine instances and
controlling access through users and projects.

The following packages have been upgraded to a later upstream version:
openstack-nova (16.1.4). (BZ#1591212)

Security Fix(es):

openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host (CVE-2017-18191)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

For more information about the bug fixes and enhancements included with this update, see the “Technical Notes” section of the Release Notes
linked in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchopenstack-nova-network< 16.1.4-6.el7ostopenstack-nova-network-16.1.4-6.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-migration< 16.1.4-6.el7ostopenstack-nova-migration-16.1.4-6.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-scheduler< 16.1.4-6.el7ostopenstack-nova-scheduler-16.1.4-6.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-serialproxy< 16.1.4-6.el7ostopenstack-nova-serialproxy-16.1.4-6.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-common< 16.1.4-6.el7ostopenstack-nova-common-16.1.4-6.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-conductor< 16.1.4-6.el7ostopenstack-nova-conductor-16.1.4-6.el7ost.noarch.rpm
RedHat7noarchopenstack-nova-spicehtml5proxy< 16.1.4-6.el7ostopenstack-nova-spicehtml5proxy-16.1.4-6.el7ost.noarch.rpm
RedHat7noarchopenstack-nova< 16.1.4-6.el7ostopenstack-nova-16.1.4-6.el7ost.noarch.rpm
RedHat7noarchpython-nova-tests< 16.1.4-6.el7ostpython-nova-tests-16.1.4-6.el7ost.noarch.rpm
RedHat7noarchpython-nova< 16.1.4-6.el7ostpython-nova-16.1.4-6.el7ost.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	noarch	openstack-nova-network	< 16.1.4-6.el7ost	openstack-nova-network-16.1.4-6.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-migration	< 16.1.4-6.el7ost	openstack-nova-migration-16.1.4-6.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-scheduler	< 16.1.4-6.el7ost	openstack-nova-scheduler-16.1.4-6.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-serialproxy	< 16.1.4-6.el7ost	openstack-nova-serialproxy-16.1.4-6.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-common	< 16.1.4-6.el7ost	openstack-nova-common-16.1.4-6.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-conductor	< 16.1.4-6.el7ost	openstack-nova-conductor-16.1.4-6.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova-spicehtml5proxy	< 16.1.4-6.el7ost	openstack-nova-spicehtml5proxy-16.1.4-6.el7ost.noarch.rpm
RedHat	7	noarch	openstack-nova	< 16.1.4-6.el7ost	openstack-nova-16.1.4-6.el7ost.noarch.rpm
RedHat	7	noarch	python-nova-tests	< 16.1.4-6.el7ost	python-nova-tests-16.1.4-6.el7ost.noarch.rpm
RedHat	7	noarch	python-nova	< 16.1.4-6.el7ost	python-nova-16.1.4-6.el7ost.noarch.rpm