cbcvebase.
CVE-2013-2096
published 2013-07-09

CVE-2013-2096: OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service…

low2.1CVSS 3.1
AVLACLAuNCNINAP
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by creating an image with a large virtual size that does not contain a large amount of data.

Affected

11 ranges
VendorProductVersion rangeFixed in
debiannova< nova 2013.2-3 (bookworm)nova 2013.2-3 (bookworm)
debiannova< nova 2013.1.2-2 (bookworm)nova 2013.1.2-2 (bookworm)
openstacknova>= 0 < 2013.2-32013.2-3
openstacknova>= 0 < 2013.1.2-22013.1.2-2
openstacknova>= 0 < 2013.2-32013.2-3
openstacknova>= 0 < 2013.1.2-22013.1.2-2
openstacknova>= 0 < 2013.2-32013.2-3
openstacknova>= 0 < 2013.1.2-22013.1.2-2
openstacknova>= 0 < 2013.2-32013.2-3
openstacknova>= 0 < 2013.1.2-22013.1.2-2
openstacknova>= 0 < 12.0.0a012.0.0a0

CVSS provenance

nvd2.1LOWAV:L/AC:L/Au:N/C:N/I:N/A:P
ghsa2.1LOW
osv2.1LOW