Message-ID: <CAKSuTPZu47DqKNfdDViR5p8miHdXa7B99Nz-q_=B5nQqgmbWNg@mail.gmail.com>
Date: Wed, 11 Mar 2020 14:38:14 -0700
From: Goutham Pacha Ravi <gouthampravi@...il.com>
To: oss-security@...ts.openwall.com
Subject: [OSSA-2020-002] Manila: Unprivileged users can retrieve, use and manipulate share networks (CVE-2020-9543)

=================================================================================
OSSA-2020-002: Unprivileged users can retrieve, use and manipulate share networks
=================================================================================

:Date: March 10, 2020
:CVE: CVE-2020-9543

Affects
~~~~~~~
- Manila: <7.4.1, >=8.0.0 <8.1.1, >=9.0.0 <9.1.1

Description
~~~~~~~~~~~
Tobias Rydberg from City Network Hosting AB reported a vulnerability in
Manila's share network APIs. An attacker can retrieve and manipulate share
networks that do not belong to them if they possess the share network ID. By
exploiting this vulnerability, they can view and manipulate share network
subnets and use the share network to create resources such as shares and share
groups.

Patches
~~~~~~~
- https://review.opendev.org/712167 (Pike)
- https://review.opendev.org/712166 (Queens)
- https://review.opendev.org/712165 (Rocky)
- https://review.opendev.org/712164 (Stein)
- https://review.opendev.org/712163 (Train)
- https://review.opendev.org/712158 (Ussuri)

Credits
~~~~~~~
- Tobias Rydberg from City Network Hosting AB (CVE-2020-9543)

References
~~~~~~~~~~
- https://launchpad.net/bugs/1861485
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9543

Notes
~~~~~
- The stable/queens and stable/pike branches are under extended maintenance and
  will receive no new point releases, but patches for them are provided as a
  courtesy.

-- 
Goutham Pacha Ravi
PTL, OpenStack Manila
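
The flaw class described in the advisory's Description, as an added example that is not part of the original message and is not Manila's code: a lookup that treats possession of a share network ID as authorization, next to one bound to the caller's project. All class and function names and the sample tenants are hypothetical, and the admin bypass is an assumption.

```python
# Simplified model of the flaw class in OSSA-2020-002; NOT Manila's code.
# All names here (ShareNetwork, Store, RequestContext, ...) are hypothetical.
from dataclasses import dataclass, field

class NotFound(Exception):
    """Raised for missing AND foreign IDs, so existence is not confirmed."""

@dataclass
class RequestContext:
    project_id: str
    is_admin: bool = False  # assumption: admins may cross project boundaries

@dataclass
class ShareNetwork:
    id: str
    project_id: str
    subnets: list = field(default_factory=list)

class Store:
    def __init__(self, networks):
        self._by_id = {n.id: n for n in networks}

    def get_unscoped(self, ctx, net_id):
        # Flawed pattern: knowing the ID is treated as authorization;
        # the caller's project in ctx is never consulted.
        if net_id not in self._by_id:
            raise NotFound(net_id)
        return self._by_id[net_id]

    def get_scoped(self, ctx, net_id):
        # Hardened pattern: the lookup is bound to the caller's project.
        net = self._by_id.get(net_id)
        if net is None or not (ctx.is_admin or net.project_id == ctx.project_id):
            raise NotFound(net_id)
        return net

def add_subnet(store, ctx, net_id, cidr, lookup="get_scoped"):
    # Every operation that accepts a share network ID goes through one lookup,
    # so read, modify and "use for a new share" paths all inherit the check.
    net = getattr(store, lookup)(ctx, net_id)
    net.subnets.append(cidr)
    return net

# Constructed sample data: two tenants, one share network owned by tenant A.
STORE = Store([ShareNetwork(id="sn-1", project_id="tenant-a")])
TENANT_A = RequestContext(project_id="tenant-a")
TENANT_B = RequestContext(project_id="tenant-b")
```

Returning the same `NotFound` for a foreign ID as for a missing one keeps the API from confirming that another project's share network exists.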