PT-2014-2798 · Openstack+1 · Openstack Compute+1

Bernhard M. Wiedemann · Published 2014-02-06 · Updated 2023-02-13 · CVE-2013-4463

CVSS v2.0: 2.1 (Low)

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

OpenStack Compute (Nova) versions Folsom through Havana

Description

The issue allows local users to cause a denial of service, specifically host file system disk consumption, via a compressed QCOW2 image. This is due to the incomplete verification of the virtual size of a QCOW2 image.

Recommendations

For versions Folsom through Havana, consider restricting the use of compressed QCOW2 images until a proper fix is applied to prevent host file system disk consumption. As a temporary workaround, monitor disk usage closely to mitigate the risk of denial of service.
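
The virtual-size verification named in the description can be illustrated with a check that reads the size declared in the QCOW2 header and compares it with a limit before the image is unpacked. This is an added example, not Nova's code or its fix; `check_image`, `max_virtual_bytes` and `make_sample_header` are hypothetical names, and the sample headers are constructed.

```python
import struct

QCOW2_MAGIC = b"QFI\xfb"
# Start of the QCOW2 header, big-endian: magic, version, backing_file_offset,
# backing_file_size, cluster_bits, size (the virtual disk size in bytes).
HEADER = struct.Struct(">4sIQIIQ")
GiB = 1 << 30


class ImageRejected(Exception):
    """The image must not be unpacked on the host."""


def qcow2_virtual_size(header: bytes) -> int:
    """Return the virtual size in bytes that a QCOW2 header declares."""
    if len(header) < HEADER.size:
        raise ImageRejected("truncated QCOW2 header")
    magic, version, _, _, cluster_bits, size = HEADER.unpack_from(header)
    if magic != QCOW2_MAGIC:
        raise ImageRejected("not a QCOW2 image")
    if version not in (2, 3):
        raise ImageRejected(f"unsupported QCOW2 version {version}")
    if cluster_bits < 9:  # the format requires clusters of at least 512 bytes
        raise ImageRejected(f"invalid cluster_bits {cluster_bits}")
    return size


def check_image(header: bytes, max_virtual_bytes: int) -> int:
    """Accept the image only if its declared virtual size fits the limit."""
    # max_virtual_bytes is a hypothetical limit (e.g. the allowed root disk
    # size). The file size is not consulted: a compressed image can be far
    # smaller than the disk it expands to.
    virtual = qcow2_virtual_size(header)
    if virtual > max_virtual_bytes:
        raise ImageRejected(f"virtual size {virtual} exceeds {max_virtual_bytes}")
    return virtual


def make_sample_header(virtual_size: int) -> bytes:
    """Constructed sample: a version 2 header with 64 KiB clusters."""
    return HEADER.pack(QCOW2_MAGIC, 2, 0, 0, 16, virtual_size)


if __name__ == "__main__":
    print(check_image(make_sample_header(5 * GiB), 10 * GiB))
    try:
        check_image(make_sample_header(1 << 40), 10 * GiB)
    except ImageRejected as exc:
        print("rejected:", exc)
```
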

Fix

DoS

Weakness Enumeration

Related Identifiers

CVE-2013-4463
GHSA-5644-2V3H-5W4X
RHSA-2014:0112
USN-2247-1

Affected Products

Openstack Compute
Ubuntu