Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-4469

Опубликовано: 31 окт. 2013
Источник: redhat
CVSS2: 4

Описание

OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.

Отчет

The Red Hat Security Response Team has rated this issue as having moderate security impact. This issue only affects systems that implemented the fix for CVE-2013-2096 (Bz963462) which fails to completely address the problem. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenStack Platform 3openstack-novaWill not fix
Red Hat OpenStack Platform 4openstack-novaNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1023581Nova: Incomplete fix for CVE-2013-2096

4 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-4469

ubuntu
больше 12 лет назад

OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.

nvd логотип

CVE-2013-4469

nvd
больше 12 лет назад

OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.

debian логотип

CVE-2013-4469

debian
больше 12 лет назад

OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_ima ...

github логотип

GHSA-2w87-5qcj-j6gx

github
больше 3 лет назад

OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image

4 Medium

CVSS2