Yes, at the very least, this is a serious information leakage flaw. This same issue has been given a CVE many times before in various virt projects. QEMU has the ability to merge a snapshot back into the base file - if there was a way to trigger this in openstack, the flaw would be even more serious - host data overwriting.
Yes, at the very least, this is a serious information leakage flaw. This same issue has been given a CVE many times before in various virt projects. QEMU has the ability to merge a snapshot back into the base file - if there was a way to trigger this in openstack, the flaw would be even more serious - host data overwriting.