CVE-2013-4183
Publication date 7 August 2013
Last updated 24 July 2024
Ubuntu priority
The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors.
Status
Package | Ubuntu Release | Status |
---|---|---|
cinder | 13.10 saucy |
Not affected
|
13.04 raring |
Fixed 1:2013.1.3-0ubuntu2.1
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise | Not in release | |
10.04 LTS lucid | Not in release |
Notes
jdstrand
per upstream, Ubuntu 12.10 is not affected fixed in updates of Ubuntu 13.04 c6f2f78 introduced a regression and a21b0e87 also needed
Patch details
Package | Patch details |
---|---|
cinder |
|
References
Related Ubuntu Security Notices (USN)
- USN-2005-1
- Cinder vulnerabilities
- 23 October 2013