Re: [libvirt] sVirt shouldn't let Nova do stupid things

On Tue, Mar 08, 2016 at 04:24:51PM +, Matthew Booth wrote: > Nova just released a fix for this critical CVE: > https://bugs.launchpad.net/nova/+bug/1548450 > > To summarise, it's a qcow2 backing file exploit. The user writes a > malicious qcow2 header to the top of a raw disk, then triggers a

[libvirt] sVirt shouldn't let Nova do stupid things

Nova just released a fix for this critical CVE: https://bugs.launchpad.net/nova/+bug/1548450 To summarise, it's a qcow2 backing file exploit. The user writes a malicious qcow2 header to the top of a raw disk, then triggers a bug in Nova which causes it to do format detection. If you read the bug