CVE-2012-3447 : Compute node filesystem injection/corruption

OpenStack Security Advisory: 2012-011
CVE: CVE-2012-3447
Date: August 7, 2012
Title: Compute node filesystem injection/corruption
Impact: Critical
Reporter: Pádraig Brady (Red Hat)
Products: Nova
Affects: All versions

Pádraig Brady from Red Hat discovered that the fix implemented for
CVE-2012-3361 (OSSA-2012-008) was not covering all attack scenarios. By
crafting a malicious image with root-readable-only symlinks and
requesting a server based on it, an authenticated user could still
corrupt arbitrary files (all setups affected) or inject arbitrary files
(Essex and later setups with OpenStack API enabled and a libvirt-based
hypervisor) on the host filesystem, potentially resulting in full
compromise of that compute node.


  1. Folsom
  2. Essex
  3. Diablo

Launchpad Bug 1031311
Mitre CVE Entry

This fix will be included in the upcoming Nova 2012.1.2 stable update
(due Thursday) and the Folsom-3 development milestone (due next week).

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>