Ubuntu Cloud Archive

Overview
Code
Bugs
Blueprints
Translations
Answers

Bug #2059809
Comment #211

Comment 211 for bug 2059809

Revision history for this message

Felix Huettner (felix.huettner) wrote on 2024-06-27: Re: Arbitrary file access through QCOW2 external data file (CVE-2024-32498)

#211

I tested a few other image formats from https://qemu-project.gitlab.io/qemu/system/images.html

old qcow (not qcow2) is correctly filtered, as it looks like the format is very similar to qcow2.

However i could reproduce the same issue with the "QED" file format (https://qemu-project.gitlab.io/qemu/system/images.html) and the backing_file in there.
I guess we need to adapt the format_inspector to also handle this.
To create a QED file you can just call qemu-img with "-f qed" and the other parameters just like in qcow2.

The spec is available here https://wiki.qemu.org/Features/QED/Specification

I'll be unavailable until Monday so if someone would pick this up that would be great.