Bernhard M. Wiedemann

**Name of the Vulnerable Software and Affected Versions** OpenStack Compute (Nova) versions Folsom through Havana **Description** The issue allows local users to cause a denial of service, specifically host file system disk consumption, via a compressed QCOW2 image. This is due to the incomplete verification of the virtual size of a QCOW2 image. **Recommendations** For versions Folsom through Havana, consider restricting the use of compressed QCOW2 images until a proper fix is applied to prevent host file system disk consumption. As a temporary workaround, monitor disk usage closely to mitigate the risk of denial of service.

**Name of the Vulnerable Software and Affected Versions** OpenStack Compute (Nova) versions Folsom through Havana **Description** The issue allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance, when `use cow images` is set to `False`. This occurs because the virtual size of a QCOW2 image is not verified. **Recommendations** For OpenStack Compute (Nova) versions Folsom through Havana, as a temporary workaround, consider setting `use cow images` to `True` to mitigate the risk of exploitation. Restrict access to transferring images from Glance to minimize the risk of host file system disk consumption.