Comment 13 for bug 1206081
Revision history for this message
| Thierry Carrez (ttx) wrote Re: Unchecked qcow2 root disk sizes DoS | #13 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
5c6b958
demo site
(Get the code!)
First attempt at an impact description, not sure I got this right:
-------
Title: Potential Nova denial of service through compressed disk images
Reporter: Bernhard M. Wiedemann (SUSE)
Products: Nova
Affects: All versions
Description:
Bernhard M. Wiedemann from SUSE reported a vulnerability in Nova's control of the size of disk images. By using malicious compressed qcow2 disk images, an authenticated user may consume large amounts of disk space, potentially resulting in a Denial of Service attack on Nova compute nodes. This issue is slightly different from CVE-2013-2096 which was addressed in OSSA 2013-012.
-------