
yahoo-eng-team team mailing list archive

[Bug 1070539] Re: [OSSA 2012-020] create_lvm_image allocates dirty blocks (CVE-2012-5625)

 

** Summary changed:

- create_lvm_image allocates dirty blocks
+ [OSSA 2012-020] create_lvm_image allocates dirty blocks (CVE-2012-5625)

** Also affects: ossa
   Importance: Undecided
       Status: New

** Changed in: ossa
       Status: New => Fix Released

** Changed in: ossa
     Assignee: (unassigned) => Thierry Carrez (ttx)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1070539

Title:
  [OSSA 2012-020] create_lvm_image allocates dirty blocks
  (CVE-2012-5625)

Status in OpenStack Compute (Nova):
  Fix Released
Status in OpenStack Compute (nova) folsom series:
  Fix Released
Status in OpenStack Security Advisories:
  Fix Released

Bug description:
  libvirt's create_lvm_image function will create LVM images on new
  logical volumes.

  Logical volumes are simply linear mappings on a physical volume (PV).

  Previously deleted logical volumes leave their dirty blocks
  (containing user and image data) on the PV. They are not zeroed.

  New LVs will make basic linear mappings to these blocks, leading
  to information disclosure as these LVs are passed to guest virtual
  machines. LVM's lvcreate does not zero these blocks, nor does the
  device-mapper configuration used by LVM create any snapshots by
  default.

  One solution may be to use dm-zero as a base image, apply dm-snapshot
  to a newly-created LV, and pass the snapshot's block device to the
  guest.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1070539/+subscriptions
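
An added illustration, not part of the original bug notification and not nova or LVM code: a toy Python model of the linear extent reuse the bug description explains, together with a pre-attach check that reports non-zero extents in a new LV. The 4096-byte extent size, all class and function names, and the wipe-on-remove option are assumptions made for this example.

```python
# Toy model of LVM linear allocation (constructed for illustration only).
EXTENT = 4096  # bytes per extent in this model (assumed value)

class PhysicalVolume:
    # Flat byte buffer plus a free list of extent numbers.
    def __init__(self, extents):
        self.data = bytearray(extents * EXTENT)
        self.free = list(range(extents))

    def lvcreate(self, extents):
        # As in the report: map free extents, never touch their contents.
        if extents > len(self.free):
            raise ValueError("not enough free extents")
        mapped, self.free = self.free[:extents], self.free[extents:]
        return LogicalVolume(self, mapped)

    def lvremove(self, lv, wipe=False):
        # wipe=True zeroes each extent before freeing it (assumed mitigation).
        for e in lv.extents:
            if wipe:
                self.data[e * EXTENT:(e + 1) * EXTENT] = bytes(EXTENT)
        self.free = sorted(self.free + lv.extents)
        lv.extents = []

class LogicalVolume:
    def __init__(self, pv, extents):
        self.pv, self.extents = pv, extents

    def write(self, offset, payload):
        for i, byte in enumerate(payload):
            pos = offset + i
            self.pv.data[self.extents[pos // EXTENT] * EXTENT + pos % EXTENT] = byte

    def read(self):
        d = self.pv.data
        return b"".join(bytes(d[e * EXTENT:(e + 1) * EXTENT]) for e in self.extents)

def dirty_extents(lv):
    """Pre-attach check: indexes (within the LV) of extents with any non-zero byte."""
    d = lv.pv.data
    return [i for i, e in enumerate(lv.extents) if any(d[e * EXTENT:(e + 1) * EXTENT])]

def reuse_after_delete(wipe):
    """Tenant A writes to an LV and deletes it; return what tenant B's new LV exposes."""
    pv = PhysicalVolume(extents=8)
    a = pv.lvcreate(2)
    a.write(EXTENT - 4, b"SECRET-A")  # constructed marker spanning two extents
    pv.lvremove(a, wipe=wipe)
    b = pv.lvcreate(2)
    return b.read(), dirty_extents(b)
```

Calling `reuse_after_delete(False)` returns tenant A's marker inside tenant B's volume, while `reuse_after_delete(True)` returns an all-zero volume with no dirty extents.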