USN-5835-5

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Nova incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information.

References

Affected packages

Ubuntu:18.04:LTS / nova

Package

Name: nova
Purl: pkg:deb/ubuntu/nova@2:17.0.13-0ubuntu5.2?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:17.0.13-0ubuntu5.2

Affected versions

2:16.*

2:16.0.1-0ubuntu1

2:16.0.1-0ubuntu2

2:17.*

2:17.0.0~b1-0ubuntu1

2:17.0.0~b2-0ubuntu2

2:17.0.0~b3-0ubuntu3

2:17.0.0~b3-0ubuntu4

2:17.0.0~rc1-0ubuntu1

2:17.0.0~rc2-0ubuntu1

2:17.0.0~rc3-0ubuntu1

2:17.0.0-0ubuntu1

2:17.0.1-0ubuntu1

2:17.0.3-0ubuntu1

2:17.0.4-0ubuntu1

2:17.0.5-0ubuntu1

2:17.0.5-0ubuntu2

2:17.0.6-0ubuntu1

2:17.0.7-0ubuntu1

2:17.0.7-0ubuntu2

2:17.0.9-0ubuntu1

2:17.0.9-0ubuntu3

2:17.0.10-0ubuntu2

2:17.0.10-0ubuntu2.1

2:17.0.11-0ubuntu1

2:17.0.12-0ubuntu1

2:17.0.13-0ubuntu1

2:17.0.13-0ubuntu2

2:17.0.13-0ubuntu3

2:17.0.13-0ubuntu4

2:17.0.13-0ubuntu5

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-ajax-console-proxy"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-api"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-api-metadata"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-api-os-compute"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-api-os-volume"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-cells"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-common"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-compute"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-compute-kvm"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-compute-libvirt"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-compute-lxc"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-compute-qemu"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-compute-vmware"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-compute-xen"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-conductor"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-console"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-consoleauth"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-network"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-novncproxy"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-placement-api"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-scheduler"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-serialproxy"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-spiceproxy"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-volume"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "nova-xvpvncproxy"
        },
        {
            "binary_version": "2:17.0.13-0ubuntu5.2",
            "binary_name": "python-nova"
        }
    ]
}

Database specific

cves_map

{
    "ecosystem": "Ubuntu:18.04:LTS",
    "cves": [
        {
            "id": "CVE-2022-47951",
            "severity": [
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"
                },
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"
                },
                {
                    "type": "Ubuntu",
                    "score": "medium"
                }
            ]
        }
    ]
}