CVE-2015-5162 - OpenCVE

The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Openstack	Glance Nova Cinder

Configuration 1 [-]

OR	cpe:2.3:a:openstack:cinder:7.0.2:::::::*
	cpe:2.3:a:openstack:cinder:8.0.0:::::::*
	cpe:2.3:a:openstack:cinder:8.1.0:::::::*
	cpe:2.3:a:openstack:glance::::::::
	cpe:2.3:a:openstack:glance:11.0.1:::::::*
	cpe:2.3:a:openstack:glance:12.0.0:::::::*
	cpe:2.3:a:openstack:nova::::::::
	cpe:2.3:a:openstack:nova:13.0.0:::::::*

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2016-2923.html
http://rhn.redhat.com/errata/RHSA-2016-2991.html
http://rhn.redhat.com/errata/RHSA-2017-0153.html
http://rhn.redhat.com/errata/RHSA-2017-0156.html
http://rhn.redhat.com/errata/RHSA-2017-0165.html
http://rhn.redhat.com/errata/RHSA-2017-0282.html
http://www.openwall.com/lists/oss-security/2016/10/06/8	Third Party Advisory
http://www.securityfocus.com/bid/76849
https://launchpad.net/bugs/1449062	Exploit

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2016-10-07T14:00:00

Updated: 2018-01-04T19:57:01

Reserved: 2015-07-01T00:00:00

Link: CVE-2015-5162

JSON object: View

NVD Information

Status : Modified

Published: 2016-10-07T14:59:01.520

Modified: 2023-02-13T00:50:05.403

Link: CVE-2015-5162

JSON object: View

Redhat Information

No data.

CWE

CWE-399

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-06T00:00:00", "descriptions": [{"lang": "en", "value": "The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://launchpad.net/bugs/1449062"}, {"name": "76849", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/76849"}, {"name": "RHSA-2017:0153", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0153.html"}, {"name": "[oss-security] 20161006 OSSA 2016-012] Malicious qemu-img input may exhaust resources in Cinder, Glance, Nova (CVE-2015-5162)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/10/06/8"}, {"name": "RHSA-2016:2923", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2923.html"}, {"name": "RHSA-2016:2991", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2991.html"}, {"name": "RHSA-2017:0165", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0165.html"}, {"name": "RHSA-2017:0156", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0156.html"}, {"name": "RHSA-2017:0282", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0282.html"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5162", "datePublished": "2016-10-07T14:00:00", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2018-01-04T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:cinder:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "4A52FF5F-8E17-4ADE-86E4-E5840A9C65A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:cinder:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F3C5B0AB-0716-42A5-B892-35DFA579DC9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:cinder:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "BAF0C010-FA4E-4E7E-AC97-9DE2BE72DFD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD511BE8-7561-4D09-B977-D348B7CD8C33", "versionEndIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:glance:11.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2F6791E7-895C-4459-8C7A-9B40BD4F7E42", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:glance:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "1C4D5422-B63A-4B85-BFCC-5793F921B137", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B690B6E-9C43-4B81-AFD9-FADC05366CD8", "versionEndIncluding": "12.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:nova:13.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF818F64-06A3-4B6F-84DA-ACA0487D4A87", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image."}, {"lang": "es", "value": "El analizador de imagen en OpenStack Cinder 7.0.2 y 8.0.0 hasta la versi\u00f3n 8.1.1; Glance en versiones anteriores a 11.0.1 y 12.0.0; y Nova en versiones anteriores a 12.0.4 y 13.0.0 no limita adecuadamente las llamadas a qemu-img, lo que podr\u00eda permitir a atacantes provocar una denegaci\u00f3n de servicio (consumo de memoria y disco) a trav\u00e9s de una imagen de disco manipulada."}], "id": "CVE-2015-5162", "lastModified": "2023-02-13T00:50:05.403", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-10-07T14:59:01.520", "references": [{"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2923.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2991.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2017-0153.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2017-0156.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2017-0165.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2017-0282.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/10/06/8"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/76849"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "https://launchpad.net/bugs/1449062"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}