QwikSec

Security Database

CVE

CWE

Training

CVE-2013-4469

Published: Nov 2, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.launchpad.net/nova/+bug/1206081

x_refsource_CONFIRM

[oss-security] 20131031 [OSSA 2013-029] Potential Nova denial of service through compressed disk images (CVE-2013-4463, CVE-2013-4469)

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.