Vulnerability in Openstack Nova

CVE-2013-6437

The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and deleting instances with unique os_type settings…

EPSS: 0.004 (63.2th percentile) — read the EPSS interpretation.

Affected products

Openstack Nova — versions 2014.1
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

RHSA-2014:0231 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
[openstack-announce] 20131218 [OSSA 2013-037] Nova compute DoS through ephemeral disk backing files (CVE-2013-6437) (Vendor Advisory, mailing-list, x_refsource_MLIST, Patch)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)