Vulnerability in Openstack Folsom

CVE-2013-4463

OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE…

EPSS: 0.002 (36.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-399

References

secalert@redhat.com (x_refsource_CONFIRM)
[oss-security] 20131031 [OSSA 2013-029] Potential Nova denial of service through compressed disk images (CVE-2013-4463, CVE-2013-4469) (mailing-list, x_refsource_MLIST)
USN-2247-1 (x_refsource_UBUNTU, vendor-advisory)
RHSA-2014:0112 (x_refsource_REDHAT, vendor-advisory)