Local Denial of Service Vulnerability in OpenStack Compute by OpenStack
CVE-2013-4469
Currently unrated
Summary
In OpenStack Compute (Nova) versions Folsom, Grizzly, and Havana, a vulnerability arises when the configuration option 'use_cow_images' is disabled. The system fails to verify the virtual size of QCOW2 images, enabling local users to transfer images with large virtual sizes that don't contain a corresponding amount of data. This can lead to significant disruption by consuming host filesystem disk space, which may result in denial of service conditions.
References
Timeline
Vulnerability published
Vulnerability Reserved