Denial of Service Vulnerability in OpenStack Compute by OpenStack
CVE-2013-2096
Currently unrated
Summary
OpenStack Compute (Nova) in versions Folsom, Grizzly, and Havana fails to properly validate the virtual size of QCOW2 images. This oversight allows local users to create images with large reported sizes that do not correlate to actual data size, leading to excessive disk consumption on the host file system. As a result, this can result in denial of service conditions, as the host may exhaust its available disk space.
References
Timeline
Vulnerability published
Vulnerability Reserved