Bug 2494664 (CVE-2026-44918)
| Summary: | CVE-2026-44918 openstack-ironic: Prevent rehoming resources to nodes with different owner | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Marco Benatto <mbenatto> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | eglynn, jjoyce, jpretori, jschluet, lhh, mburns, mgarciac, security-response-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in OpenStack Ironic. An authenticated project manager can change the node associated with Volume Connectors or Volume Target objects, potentially changing the project permitted to access the object. Volume Connectors contain secrets in environments configuring boot from volume with iSCSI volumes. Additionally, a project manager with the ability to create nodes can use the UUID of a node not owned by their project as a parent node when creating a new node. This mismatched child node can then be used to impact operations on the parent, such as forcing it to power on.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Deadline: | 2026-07-08 | ||
|
Description
Marco Benatto
2026-06-29 20:49:20 UTC
|