NVD

Id
38202  
Name
CVE-2013-2096  
Description
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by creating an image with a large virtual size that does not contain a large amount of data.  
Reject
 
CVSS Version
2  
CVSS Score
2.1  
Severity
Low  
CVSS Base Score
2.1  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-18  
Published
2013-07-09  
Modified Date
2014-01-07  
Seq
2013-2096  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
195330 38202 CVE-2013-2096 [openstack-announce] 20130516 [OSSA 2013-012] Nova fails to verify image virtual size (CVE-2013-2096)  View
195331 38202 CVE-2013-2096 59924  View
195332 38202 CVE-2013-2096 USN-1831-1  View
195333 38202 CVE-2013-2096 https://review.openstack.org/#/c/28717/  View
195334 38202 CVE-2013-2096 https://review.openstack.org/#/c/28901/  View
195335 38202 CVE-2013-2096 https://review.openstack.org/#/c/29192/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
21737 JVNDB-2013-003312 複数の OpenStack 製品におけるサービス運用妨害 (DoS) の脆弱性 OpenStack Compute (Nova) Folsom、Grizzly、および Havana は、QCOW2 イメージの仮想サイズを検証しないため、サービス運用妨害 (ホストファイルシステムディスクの消費) 状態にされる脆弱性が存在します。 CVE-2013-2096 62038 CVE-2013-2096 38202 2.1 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003312.html 2013-05-11 2013-07-12 View