3 matches found
GHSA-5644-2V3H-5W4X OpenStack Nova denial of service through compressed disk images
OpenStack Compute Nova Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096...
OpenStack Nova denial of service through compressed disk images
OpenStack Compute Nova Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096...
Security Bulletin: Potential Nova denial of service through compressed disk images (CVE-2013-4463, CVE-2013-4469)
Summary By using malicious compressed qcow2 disk images, an authenticated user might consume large amounts of disk space for each image. This scenario can potentially result in a Denial of Service attack on Nova compute nodes CVE-2013-4463. In the non-default case where usecowimages=False and...