=============================================== OSSA-2015-019: Glance image status manipulation =============================================== :Date: September 22, 2015 :CVE: CVE-2015-5251 Affects ~~~~~~~ - Glance: <=2014.2.3, >=2015.1.0, <=2015.1.1 Description ~~~~~~~~~~~ Hemanth Makkapati of Rackspace reported a vulnerability in Glance. By submitting a HTTP PUT request with a "x-image-meta-status" header, a tenant can manipulate the status of their images. A malicious tenant may exploit this flaw to reactivate disabled images, bypass storage quotas and in some cases replace image contents. Setups using the Glance v1 API allow the illegal modification of image status. Setups which also use the v2 API may allow a subsequent re-upload of image contents. Patches ~~~~~~~ - https://review.openstack.org/226338 (Juno) - https://review.openstack.org/226337 (Kilo) - https://review.openstack.org/226336 (Liberty) Credits ~~~~~~~ - Hemanth Makkapati from Rackspace (CVE-2015-5251) References ~~~~~~~~~~ - https://bugs.launchpad.net/bugs/1482371 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5251 Notes ~~~~~ - This fix will be included in future 2014.2.4 (juno) and 2015.1.2 (kilo) releases. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: not available URL: <http://lists.openstack.org/pipermail/openstack-announce/attachments/20150922/1cbf9656/attachment-0001.pgp>