CVE-2013-6437 (retired)

Priority
Description
The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse
before icehouse-2 allows remote authenticated users to cause a denial of
service (disk consumption) by creating and deleting instances with unique
os_type settings, which triggers the creation of a new ephemeral disk
backing file.
Notes
mdeslaurOSSA 2013-037
in precise and quantal, code is in connection.py
seems to be introduced by:
https://git.openstack.org/cgit/openstack/nova/commit/nova/virt/libvirt/driver.py?id=0cecdf4b8632d3a4eea816869796b03e8b928256
More Information

Updated: 2019-10-09 07:48:54 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)