Red Hat Security Advisory 2015-0888-01 - Red Hat Enterprise Virtualization Manager 3.5.1 is now available. It was discovered that the permissions to allow or deny snapshot creation were ignored during live storage migration of a VM's disk between storage domains. An attacker able to live migrate a disk between storage domains could use this flaw to cause a denial of service. It was discovered that a directory shared between the ovirt-engine-dwhd service and a plug-in used during the service's startup had incorrect permissions. A local user could use this flaw to access files in this directory, which could potentially contain sensitive information.
ca7ceffd1d748a83925a9856f16bb79722cb033187b6a3fc14ffbd62fba7ea48
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed