CVE-2013-4469
Last modified
CVE-2013-4469 is a vulnerability of currently unknown severity. OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.. EPSS estimates a 0.44% chance of exploitation in the next 30 days.
Description
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Openstack | Folsom | All versions |
| Openstack | Grizzly | All versions |
| Openstack | Havana | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-4469?
How severe is CVE-2013-4469?
How do I fix CVE-2013-4469?
Are you affected by CVE-2013-4469?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST