Ubuntu Update For Nova USN-1497-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1497-1

Solution

Please Install the Updated Packages.

Insight

Matthias Weckbecker discovered that, when using the OpenStack API to setup libvirt-based hypervisors, an authenticated user could inject files in arbitrary locations on the file system of the host running Nova. A remote attacker could use this to gain root privileges. This issue only affects Ubuntu 12.04 LTS. (CVE-2012-3360) P&#225 draig Brady discovered that an authenticated user could corrupt arbitrary files of the host running Nova. A remote attacker could use this to cause a denial of service or possibly gain privileges. (CVE-2012-3361)

Affected

nova on Ubuntu 12.04 LTS , Ubuntu 11.10

Severity

Classification

CVE CVE-2012-3360, CVE-2012-3361

CVSS	Base Score: 5.5 AV:N/AC:L/Au:S/C:N/I:P/A:P

Related Vulnerabilities

Ubuntu Update for backuppc USN-1444-1
Ubuntu Update for backuppc USN-1249-1
Ubuntu Update for clamav USN-1816-1
Ubuntu Update for clamav vulnerability USN-986-2
Ubuntu Update for apache2 USN-1368-1

Ubuntu Update for nova USN-1497-1

Take action and discover your vulnerabilities