High severityNVD Advisory· Published Mar 22, 2013· Updated Jun 16, 2026
CVE-2013-1838
CVE-2013-1838
Description
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a large number of calls to the addFixedIp function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
novaPyPI | < 12.0.0a0 | 12.0.0a0 |
Affected products
7cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
23- secunia.com/advisories/52580nvdVendor Advisory
- secunia.com/advisories/52728nvdVendor Advisory
- github.com/advisories/GHSA-63fq-8fp9-vhwqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2013-1838ghsaADVISORY
- rhn.redhat.com/errata/RHSA-2013-0709.htmlnvdWEB
- ubuntu.com/usn/usn-1771-1nvdWEB
- www.openwall.com/lists/oss-security/2013/03/14/18nvdWEB
- bugs.launchpad.net/nova/+bug/1125468nvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/82877nvdWEB
- github.com/openstack/nova/commit/9561484166f245d0e4602a36351d6cac72dd9426ghsaWEB
- github.com/openstack/nova/commit/99429214d4ddb5bdc7de185693b8a53ad50df3c6ghsaWEB
- github.com/openstack/nova/commit/efaacdaee116388234558e2682b647d41fe5b149ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/nova/PYSEC-2013-44.yamlghsaWEB
- lists.launchpad.net/openstack/msg21892.htmlnvdWEB
- review.openstack.orgghsaWEB
- review.openstack.orgghsaWEB
- review.openstack.orgghsaWEB
- osvdb.org/91303nvd
- www.securityfocus.com/bid/58492nvd
- review.openstack.orgnvd
- review.openstack.orgnvd
- review.openstack.orgnvd
News mentions
0No linked articles in our index yet.