{"id":"CVE-2013-1838","details":"OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a large number of calls to the addFixedIp function.","aliases":["GHSA-63fq-8fp9-vhwq","PYSEC-2013-44"],"modified":"2026-01-27T04:12:06.038209Z","published":"2013-03-22T21:55:01Z","withdrawn":"2026-01-27T04:12:06.038209Z","references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2013-0709.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/52580"},{"type":"ADVISORY","url":"http://secunia.com/advisories/52728"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=919648"},{"type":"WEB","url":"http://osvdb.org/91303"},{"type":"WEB","url":"http://ubuntu.com/usn/usn-1771-1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2013/03/14/18"},{"type":"WEB","url":"http://www.securityfocus.com/bid/58492"},{"type":"WEB","url":"https://bugs.launchpad.net/nova/+bug/1125468"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/82877"},{"type":"WEB","url":"https://lists.launchpad.net/openstack/msg21892.html"},{"type":"WEB","url":"https://review.openstack.org/#/c/24451/"},{"type":"WEB","url":"https://review.openstack.org/#/c/24452/"},{"type":"WEB","url":"https://review.openstack.org/#/c/24453/"}],"schema_version":"1.7.3"}