CVE-2013-4463
published 2014-02-06CVE-2013-4463: OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of…
low2.1CVSS 3.1
AVLACLAuNCNINAP
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nova | < nova 2013.2-3 (bookworm) | nova 2013.2-3 (bookworm) |
| openstack | nova | >= 0 < 2013.2-3 | 2013.2-3 |
| openstack | nova | >= 0 < 2013.2-3 | 2013.2-3 |
| openstack | nova | >= 0 < 2013.2-3 | 2013.2-3 |
| openstack | nova | >= 0 < 2013.2-3 | 2013.2-3 |
| openstack | nova | >= 0 < 12.0.0a0 | 12.0.0a0 |
| openstack | nova | >= 0 < 1:2014.1-0ubuntu1.2 | 1:2014.1-0ubuntu1.2 |
CVSS provenance
nvd2.1LOWAV:L/AC:L/Au:N/C:N/I:N/A:P
ghsa2.1LOW
osv5.0MEDIUM