
Ubuntu 24.04 LTS: USN-6989-1 Moderate: OpenStack Ironic Info Exposure

OpenStack could be made to expose sensitive information.
==========================================================================
Ubuntu Security Notice USN-6989-1
September 04, 2024

ironic vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

OpenStack could be made to expose sensitive information.

Software Description:
- ironic: Openstack bare metal provisioning service - API

Details:

Dan Smith, Julia Kreger and Jay Faulkner discovered that in
image processing for Ironic, a specially crafted image
could be used by an authenticated user to exploit undesired behaviors
in qemu-img, including possible unauthorized access to potentially
sensitive data.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  python3-ironic                  1:24.1.1-0ubuntu1.2

Ubuntu 22.04 LTS
  python3-ironic                  1:20.1.0-0ubuntu1.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6989-1
  CVE-2024-44082

Package Information:
  
  https://launchpad.net/ubuntu/+source/ironic/1:20.1.0-0ubuntu1.2
