date: 2015-01-26

id: OSSA-2015-003

title: 'Glance user storage quota bypass'

description: 'Tushar Patil from NTT reported a vulnerability in Glance. By deleting images
    that are being uploaded, a malicious user can overcome the storage quota and
    thus may overrun the backend. Images in deleted state are not taken into
    account by quota and won''t be effectively deleted until the upload is
    completed. Only Glance setups configured with user_storage_quota are
    affected.'

affected-products:

  - product: glance
    version: up to 2014.1.3 and 2014.2 versions up to 2014.2.1

vulnerabilities:

  - cve-id: CVE-2014-9623

reporters:

  - name: 'Tushar Patil'
    affiliation: NTT
    reported:
      - CVE-2014-9623

issues:

  links:
    - https://launchpad.net/bugs/1398830

  type: launchpad

reviews:

  kilo:
    - https://review.openstack.org/144464

  juno:
    - https://review.openstack.org/149387

  icehouse:
    - https://review.openstack.org/149646

  type: gerrit

notes:
  - 'This fix will be included in the kilo-2 development milestone and in
     future 2014.2.2 (juno) and 2014.1.4 (icehouse) releases.'