USN-6073-6: Cinder regression

2023-05-23 KENNETH Ubuntu security 0

USN-6073-6: Cinder regression

USN-6073-1 fixed a vulnerability in Cinder. Unfortunately the update
introduced a regression with detaching volumes. The security fix has been
removed pending further investigation.

We apologize for the inconvenience.

Original advisory details:

Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly
handled deleted volume attachments. An authenticated user or attacker could
possibly use this issue to gain access to sensitive information.

This update may require configuration changes to be completely effective,
please see the upstream advisory for more information:

https://security.openstack.org/ossa/OSSA-2023-003.html
Source: USN-6073-6: Cinder regression

About KENNETH 19696 Articles
지락문화예술공작단

Be the first to comment

Leave a Reply

Your email address will not be published.


*


이 사이트는 Akismet을 사용하여 스팸을 줄입니다. 댓글 데이터가 어떻게 처리되는지 알아보세요.