Denial of Service Vulnerability in OpenStack Compute by OpenStack
CVE-2013-2096

Currently unrated

Key Information:

Vendor
Openstack
Vendor
CVE Published:
9 July 2013

Summary

OpenStack Compute (Nova) in versions Folsom, Grizzly, and Havana fails to properly validate the virtual size of QCOW2 images. This oversight allows local users to create images with large reported sizes that do not correlate to actual data size, leading to excessive disk consumption on the host file system. As a result, this can result in denial of service conditions, as the host may exhaust its available disk space.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.