
CVE-2013-6437: OpenStack Nova DoS through ephemeral disk backing files

CVSS Score: 4

Basic Information

EPSS Score: 0.61975%
CWE: -
Published: 5/14/2022
Updated: 5/14/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
nova | pip | < 12.0.0a0 | 12.0.0a0

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stemmed from using unvalidated 'os_type' values, taken from instance metadata, in the filenames of ephemeral disk backing files. The commit diff shows the fix introduced 'get_fs_type_for_os_type' in nova/virt/disk/api.py, which checks whether an mkfs command is actually configured for the given os_type before that value is honoured. The original code in libvirt/driver.py used the instance's 'os_type' directly, without this check, so the filename generation logic could be driven by arbitrary, attacker-controlled os_type values. The test cases in test_libvirt.py confirm the flawed behaviour was tied to uncontrolled os_type values in filenames.
