Описание
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:2014.1~b1-0ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1:2014.1~b1-0ubuntu2]] |
| lucid | DNE | |
| precise | released | 2012.1.3+stable-20130423-e52e6912-0ubuntu1.4 |
| quantal | ignored | end of life, was pending |
| raring | ignored | end of life |
| saucy | released | 1:2013.2.3-0ubuntu1.2 |
| trusty | not-affected | 1:2014.1~b1-0ubuntu2 |
| trusty/esm | DNE | trusty was not-affected [1:2014.1~b1-0ubuntu2] |
| upstream | needs-triage |
Показывать по
EPSS
1.9 Low
CVSS2
Связанные уязвимости
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_ima ...
OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image
EPSS
1.9 Low
CVSS2