Bug 2309331 (CVE-2024-44082)

Summary: CVE-2024-44082 openstack-ironic: Specially crafted image may allow authenticated users to gain access to potentially sensitive data
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: asdas, bmontgom, dpaolell, eglynn, eparis, jburrell, jdelft, jjoyce, jkreger, jschluet, jupierce, lgarciaa, lhh, lsvaty, mbiarnes, mburns, mgarciac, nstielau, pgrist, rhos-maint, sbaker, security-response-team, sidsharm, sponnaga, talessio, vlaad, ximhan, yuxzhu
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in OpenStack Ironic. This flaw allows an authenticated user to use a specially crafted image to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2309333, 2309334, 2309335    
Bug Blocks:    
Deadline: 2024-09-04   

Description OSIDB Bzimport 2024-09-03 02:30:30 UTC 
It was learned by the OpenStack community that running qemu-img
on untrusted images without a format pre-specified can present a
security risk. Furthermore, some of these specific image formats have inherently unsafe features. This is rooted in how qemu-img operates where all image drivers are loaded and attempt to evaluate the input data.
Comment 2 errata-xmlrpc 2024-10-02 05:27:50 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.16

Via RHSA-2024:7174 https://access.redhat.com/errata/RHSA-2024:7174
Comment 3 errata-xmlrpc 2024-10-09 19:35:00 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.15

Via RHSA-2024:7594 https://access.redhat.com/errata/RHSA-2024:7594
Comment 4 errata-xmlrpc 2024-10-16 20:25:17 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.13
  Ironic content for Red Hat OpenShift Container Platform 4.13

Via RHSA-2024:7941 https://access.redhat.com/errata/RHSA-2024:7941
Comment 5 errata-xmlrpc 2024-10-23 13:15:40 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.14

Via RHSA-2024:8235 https://access.redhat.com/errata/RHSA-2024:8235
Comment 6 errata-xmlrpc 2024-11-07 03:28:54 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.12
  Ironic content for Red Hat OpenShift Container Platform 4.12

Via RHSA-2024:8694 https://access.redhat.com/errata/RHSA-2024:8694
Comment 7 errata-xmlrpc 2024-11-21 09:32:00 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 17.1 for RHEL 9

Via RHSA-2024:9982 https://access.redhat.com/errata/RHSA-2024:9982
Comment 8 errata-xmlrpc 2025-01-09 14:57:07 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 16.2

Via RHSA-2025:0204 https://access.redhat.com/errata/RHSA-2025:0204