yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1837877] Re: [OSSA-2019-003] Nova Server Resource Faults Leak External Exception Details (CVE-2019-14433)

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Jeremy Stanley <fungi@xxxxxxxxxxx>
Date: Fri, 09 Aug 2019 13:50:04 -0000
Reply-to: Bug 1837877 <1837877@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

The extended maintenance branch patches are still up for review, but
since all the stable maintenance branch patches have now merged I'm
closing the security advisory task.

** Changed in: ossa
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1837877

Title:
  [OSSA-2019-003] Nova Server Resource Faults Leak External Exception
  Details (CVE-2019-14433)

Status in OpenStack Compute (nova):
  Fix Released
Status in OpenStack Compute (nova) ocata series:
  In Progress
Status in OpenStack Compute (nova) pike series:
  In Progress
Status in OpenStack Compute (nova) queens series:
  Fix Committed
Status in OpenStack Compute (nova) rocky series:
  Fix Committed
Status in OpenStack Compute (nova) stein series:
  Fix Committed
Status in OpenStack Security Advisory:
  Fix Released

Bug description:
  This issue is being treated as a potential security risk under
  embargo. Please do not make any public mention of embargoed (private)
  security vulnerabilities before their coordinated publication by the
  OpenStack Vulnerability Management Team in the form of an official
  OpenStack Security Advisory. This includes discussion of the bug or
  associated fixes in public forums such as mailing lists, code review
  systems and bug trackers. Please also avoid private disclosure to
  other individuals not already approved for access to this information,
  and provide this same reminder to those who are made aware of the
  issue prior to publication. All discussion should remain confined to
  this private bug report, and any proposed fixes should be added to the
  bug as attachments.

  It would appear Nova is revealing information that may be sensitive in
  error messages

  http://lists.openstack.org/pipermail/openstack-
  infra/2019-July/006426.html

  I attempted to hard-reboot it, and it went into an error state.  The
  initial error in the server status was

   {'message': 'Timed out during operation: cannot acquire state change
  lock (held by monitor=remoteDispatchDomainCreateWithFlags)', 'code':
  500, 'created': '2019-07-25T07:25:25Z'}

  After a short period, I tried again and got a different error state

   {'message': "internal error: process exited while connecting to
  monitor:
  lc=,keyid=masterKey0,iv=jHURYcYDkXqGBu4pC24bew==,format=base64 -drive
  'file=rbd:volumes/volume-
  41553c15-6b12-4137-a318-7caf6a9eb44c:id=cinder:auth_supported=cephx\\;none:mon_host=172.24.0.56\\:6789",
  'code': 500, 'created': '2019-07-25T07:27:21Z'}

  I don't know if this is a setting or a bug. Better to report and close
  than not say anything I guess.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1837877/+subscriptions