CVE-2017-18191

EUVD-2022-3763

19.02.2018, 17:29

An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 85%

Affected Products (NVD)

Vendor	Product	Version
openstack	nova	15.0.0 ≤ 𝑥 ≤ 15.1.0
openstack	nova	16.0.0 ≤ 𝑥 ≤ 16.1.1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

nova

bookworm	2:26.2.2-1~deb12u3 fixed
bookworm (security)	2:26.2.2-1~deb12u3 fixed
bullseye	2:22.0.1-2+deb11u1 fixed
bullseye (security)	2:22.4.0-1~deb11u5 fixed
jessie	no-dsa
sid	2:30.0.0-1 fixed
stretch	no-dsa
trixie	2:30.0.0-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

nova

artful	Fixed 2:16.1.2-0ubuntu1 released
bionic	not-affected
cosmic	not-affected
disco	not-affected
eoan	not-affected
focal	not-affected
groovy	not-affected
hirsute	not-affected
impish	not-affected
jammy	not-affected
kinetic	not-affected
trusty	dne
xenial	Fixed 2:13.1.4-0ubuntu4.5+esm1 released

Known Exploits!

References

http://openwall.com/lists/oss-security/2018/04/20/3

http://www.securityfocus.com/bid/103104

https://access.redhat.com/errata/RHSA-2018:2332

https://access.redhat.com/errata/RHSA-2018:2714

https://access.redhat.com/errata/RHSA-2018:2855

https://launchpad.net/bugs/1739593

https://review.openstack.org/539893

https://security.openstack.org/ossa/OSSA-2018-001.html