Denial of Service in OpenStack Image Registry and Delivery Service by Remote Authenticated Users
CVE-2014-5356

Currently unrated

Key Information:

Vendor

Openstack
Status
Image Registry And Delivery Service \(glance\)
Ubuntu Linux
Vendor
CVE Published:
25 August 2014

What is CVE-2014-5356?

OpenStack's Image Registry and Delivery Service (Glance), when using the V2 API, fails to appropriately enforce the image_size_cap configuration setting. This misconfiguration permits remote authenticated users to exploit the system by uploading excessively large images, ultimately leading to denial of service due to disk space exhaustion. This vulnerability could result in significant operational interruptions and must be addressed promptly to safeguard the integrity of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2014/08/21/6
mailing-listx_refsource_MLIST
http://www.ubuntu.com/usn/USN-2322-1
vendor-advisoryx_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2014-1337.html
vendor-advisoryx_refsource_REDHAT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.