Ubuntu Update For Nova USN-1831-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Loganathan Parthipan discovered that Nova did not verify the size of QCOW2 instance storage. An authenticated attacker could exploit this to cause a denial of service by creating an image with a large virtual size with little data, then filling the virtual disk.

Affected

nova on Ubuntu 13.04 , Ubuntu 12.10 , Ubuntu 12.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2013-May/002117.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-2096

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for lightdm USN-1262-1
Ubuntu Update for gdm-guest-session USN-1399-1
Ubuntu Update for linux-ti-omap4 USN-1997-1
Ubuntu Update for openssl USN-1898-1
Ubuntu Update for gnupg USN-2059-1

Ubuntu Update for nova USN-1831-1

Take action and discover your vulnerabilities