Comment 33 for bug 1221190

Tristan Cacqueray (tristan-cacqueray) wrote : Re: Image format not enforced when using rescue

Draft impact description #1 -

Title: Host data leak to vm instance in rescue mode through image backing file.
Reporter: Stanislaw Pitucha (HP)
Products: Nova
Affects: All supported versions

Description:
Stanislaw Pitucha from Hewlett Packard reported a vulnerability in the Nova instance rescue mode. An instance administrator can overwrite the disk from inside the instance using a malicious qcow2 image crafted to be backed by an arbitrary file path. By switching the instance to rescue mode, the libvirt driver will guess the new image format to be a qcow2, resulting in the compute host backing file path (controlled by the user) being exposed to the vm as the backing device. Only setups using libvirt to spawn instances, and having "use_cow_images = False" in the Nova configuration, are affected.
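The format-guessing condition described in this comment can be checked from the defender's side by inspecting the first bytes of a disk that is expected to be raw. The following is an added example, not part of the original comment and not Nova's code: the function names and sample byte strings are hypothetical and constructed, and the field layout assumed is the first 20 bytes of the qcow2 header (magic, version, backing file offset, backing file size, all big-endian).

```python
import struct

QCOW2_MAGIC = b"QFI\xfb"
# magic (4), version (4), backing_file_offset (8), backing_file_size (4)
_HEADER = struct.Struct(">4sIQI")


def inspect_disk_header(data):
    """Return (detected_format, backing_file) for the leading bytes of a disk.

    backing_file is None unless the bytes form a qcow2 header that names one.
    """
    if len(data) < _HEADER.size or not data.startswith(QCOW2_MAGIC):
        return "raw", None
    _magic, _version, offset, size = _HEADER.unpack_from(data)
    if offset == 0 or size == 0:
        return "qcow2", None
    name = data[offset:offset + size]
    if len(name) < size:
        # The header points past the bytes we were given: still backed.
        return "qcow2", "<truncated>"
    return "qcow2", name.decode("utf-8", "replace")


def violates_expected_format(data, expected="raw"):
    """True when a format-guessing consumer would not treat the disk as
    `expected`, or would follow a backing file reference."""
    detected, backing = inspect_disk_header(data)
    return detected != expected or backing is not None


def _constructed_qcow2_header(backing=b""):
    # Constructed sample: header bytes only, not a usable image.
    offset = 72 if backing else 0
    head = _HEADER.pack(QCOW2_MAGIC, 2, offset, len(backing))
    return head.ljust(72, b"\0") + backing


# Constructed inputs for the three cases of interest.
SAMPLE_RAW = b"\x00" * 512
SAMPLE_PLAIN_QCOW2 = _constructed_qcow2_header()
SAMPLE_BACKED = _constructed_qcow2_header(b"/constructed/placeholder/path")

if __name__ == "__main__":
    for label, blob in [("raw", SAMPLE_RAW), ("qcow2", SAMPLE_PLAIN_QCOW2),
                        ("backed", SAMPLE_BACKED)]:
        print(label, inspect_disk_header(blob), violates_expected_format(blob))
```

With "use_cow_images = False" the instance disk is expected to be raw, so any result other than `("raw", None)` marks a disk whose format must be stated explicitly rather than guessed.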