Vulnerability Details : CVE-2017-18191
An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. (The same code error also results in data loss, but that is not a vulnerability because the user loses their own data.) All Nova setups supporting encrypted volumes are affected.
Vulnerability category: Denial of service
Products affected by CVE-2017-18191
- cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-18191
0.50%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 76 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-18191
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
References for CVE-2017-18191
-
https://access.redhat.com/errata/RHSA-2018:2714
RHSA-2018:2714 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://openwall.com/lists/oss-security/2018/04/20/3
oss-security - [OSSA-2018-001] Raw underlying encrypted volume access (CVE-2017-18191)Mailing List;Patch;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2018:2855
RHSA-2018:2855 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://security.openstack.org/ossa/OSSA-2018-001.html
OpenStack Docs: OSSA-2018-001: Raw underlying encrypted volume accessPatch;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:2332
RHSA-2018:2332 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.securityfocus.com/bid/103104
OpenStack Nova CVE-2017-18191 Local Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://launchpad.net/bugs/1739593
Bug #1739593 “[OSSA-2018-001] Swapping encrypted volumes can lea...” : Bugs : OpenStack Compute (nova)Exploit;Issue Tracking;Third Party Advisory
-
https://review.openstack.org/539893
Change I43abe5ca: Adds OSSA-2018-001 (CVE-2017-18191) | review.opendev Code ReviewExploit;Patch;Third Party Advisory
Jump to