A flaw was found in the way target domain permission check was performed when cloning a VM from a snapshot. An attacker can use this flaw to conduct denial of service attack on the target domain by exhausting the available free space. Acknowledgements: This issue was discovered by Daniel Erez of the Red Hat Enterprise Virtualization Team.
This issue has been addressed in following products: RHEV Manager version 3.2 Via RHSA-2013:0888 https://rhn.redhat.com/errata/RHSA-2013-0888.html
Created ovirt-engine tracking bugs for this issue Affects: fedora-all [bug 972952]