Summary
Ubuntu Update for Linux kernel vulnerabilities USN-1626-2
Solution
Please Install the Updated Packages.
Insight
USN-1626-1 fixed vulnerabilities in the v1 API of Glance. This update provides the corresponding updates for the v2 API.
Original advisory details:
Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under certain circumstances.
Affected
glance on Ubuntu 12.10
Severity
Classification
-
CVE CVE-2012-4573 -
CVSS Base Score: 5.5
AV:N/AC:L/Au:S/C:N/I:P/A:P
Related Vulnerabilities