UNKNOWN PyPI
OpenStack Compute (Nova) does not verify the virtual size of a QCOW2 image
GHSA-m674-hmx2-ffhq · CVE-2013-2096
Published · Modified
Description
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by creating an image with a large virtual size that does not contain a large amount of data.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2013-2096
- WEB https://github.com/openstack/nova/commit/0caeb8eaf20abcdc77828f5c6b79fc104619e231
- WEB https://github.com/openstack/nova/commit/44a8aba1d5da87d54db48079103fdef946666d80
- PACKAGE https://github.com/openstack/nova
- WEB https://review.openstack.org/#/c/28717
- WEB https://review.openstack.org/#/c/28901
- WEB https://review.openstack.org/#/c/29192
- WEB https://web.archive.org/web/20130726040108/http://www.securityfocus.com/bid/59924
- WEB http://lists.openstack.org/pipermail/openstack-announce/2013-May/000102.html
- WEB http://www.ubuntu.com/usn/USN-1831-1
Ready to move
Start Securing
Free, no credit card | First findings in minutes