Red Hat Security Advisory 2015-0888-01

Discussion in 'News Aggregator' started by Packet Storm, 29 Apr 2015.

  1. Packet Storm

    Packet Storm Guest

    Red Hat Security Advisory 2015-0888-01 - Red Hat Enterprise Virtualization Manager 3.5.1 is now available. It was discovered that the permissions to allow or deny snapshot creation were ignored during live storage migration of a VM's disk between storage domains. An attacker able to live migrate a disk between storage domains could use this flaw to cause a denial of service. It was discovered that a directory shared between the ovirt-engine-dwhd service and a plug-in used during the service's startup had incorrect permissions. A local user could use this flaw to access files in this directory, which could potentially contain sensitive information.

    Continue reading...
     

Share This Page

Loading...