Comment 6 for bug 1221190
Revision history for this message
| Daniel Berrange (berrange) wrote Re: Image format not enforced when using rescue | #6 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
Yes, at the very least, this is a serious information leakage flaw. This same issue has been given a CVE many times before in various virt projects. QEMU has the ability to merge a snapshot back into the base file - if there was a way to trigger this in openstack, the flaw would be even more serious - host data overwriting.