{"id":"CVE-2014-3608","details":"The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2573.","aliases":["GHSA-92hc-c226-32q7"],"modified":"2026-02-04T16:54:32.723448Z","published":"2014-10-06T14:55:09Z","related":["SUSE-SU-2015:0324-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-1781.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-1782.html"},{"type":"ADVISORY","url":"http://seclists.org/oss-sec/2014/q4/65"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/70220"},{"type":"ADVISORY","url":"https://bugs.launchpad.net/nova/+bug/1338830"},{"type":"ARTICLE","url":"http://seclists.org/oss-sec/2014/q4/65"},{"type":"EVIDENCE","url":"https://bugs.launchpad.net/nova/+bug/1338830"}],"schema_version":"1.7.3"}