OSSA-2014-035: Nova VMware driver may connect VNC to another tenant’s console

OSSA-2014-035: Nova VMware driver may connect VNC to another tenant’s console¶

Date:: October 14, 2014
CVE:: CVE-2014-8750

Affects¶

Nova: up to 2014.1.3

Description¶

Marcio Roberto Starke reported a vulnerability in the Nova VMware driver. A race condition in its VNC port allocation may cause it to connect the wrong console if instances are created concurrently. By repeatedly spawning new instances, an authenticated user may be able to gain unauthorized console access to instances belonging to other tenants. Only Nova setups using the VMware driver and the VNC proxy service are affected.

Patches¶

https://review.openstack.org/126425 (Icehouse)
https://review.openstack.org/114548 (Juno)

Credits¶

Marcio Roberto Starke (CVE-2014-8750)

References¶

this page last updated: 2024-03-18 15:52:07

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.