Openstack · Openstack Compute · CVE-2014-0134
**Name of the Vulnerable Software and Affected Versions**
OpenStack Compute (Nova) versions 2013.2 through 2013.2.2
OpenStack Compute (Nova) versions prior to 2014.1 in the Icehouse release
**Description**
The issue allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image when using libvirt to spawn images and `use cow images` is set to `false`.
**Recommendations**
For OpenStack Compute (Nova) versions 2013.2 through 2013.2.2, update to version 2013.2.3 or later.
For OpenStack Compute (Nova) versions prior to 2014.1 in the Icehouse release, update to version 2014.1 or later.