Local Denial of Service Vulnerability in OpenStack Compute by OpenStack
CVE-2013-4469

Currently unrated

Key Information:

Vendor
Openstack
Vendor
CVE Published:
2 November 2013

Summary

In OpenStack Compute (Nova) versions Folsom, Grizzly, and Havana, a vulnerability arises when the configuration option 'use_cow_images' is disabled. The system fails to verify the virtual size of QCOW2 images, enabling local users to transfer images with large virtual sizes that don't contain a corresponding amount of data. This can lead to significant disruption by consuming host filesystem disk space, which may result in denial of service conditions.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.