Comment 85 for bug 2059809

Jeremy Stanley (fungi) wrote : Re: Arbitrary file access through QCOW2 external data file

Martin reported the vague concerns raised in this bug with the QEMU maintainers (exploiting QMP blobs in QCOW2 and VMDK images to disclose or overwrite files when processed by `qemu-img info` because it relies on QEMU image driver code to perform the image inspection). Their response was to consider this use case out of scope and publish the details in order to warn projects away from running `qemu-img info` or other QEMU tools on untrusted images. At that point I was copied on that discussion, and so asked them for advice on how we should proceed. They indicated to me that they were willing to delay that announcement until we deal with this current vulnerability report, but from what I can tell it's their consensus to take the reported exploits at face value and say "sure that makes sense, don't do it, that's not a use case we support" rather than dig into each claim and verify the extent to which it could be exploited.

What's currently claimed, and hasn't yet been refuted, is that running `qemu-img info` on QCOW2 files can be used to write to arbitrary locations/devices when it attempts to inspect those images, so their recommendation was that we preferably stop the software from accepting images from untrusted sources, or that we analyze the image specifications ourselves and write a tool that can reject risky images because that's not what `qemu-img info` is designed for. The remaining alternatives are that we either hope the described exploits are impractical, or dissect the QEMU source code ourselves and decide for sure that all versions currently in use aren't exploitable in this manner.
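The second option in the paragraph above, a purpose-built checker that rejects images referencing anything outside themselves before QEMU's own image driver ever opens them, can be built directly from the QCOW2 header layout. The following is an added example and is not code from this bug thread, from OpenStack or from QEMU. The field offsets, feature bits and extension type IDs are those documented in the QCOW2 specification (docs/interop/qcow2.rst in the QEMU tree); the function names and the in-memory sample images are this example's own construction, not real images from any report. The checker only ever looks at the fixed header and the header-extension area, so a hostile image cannot steer it into following offsets elsewhere in the file.

```python
"""Minimal QCOW2 header inspector that rejects images referencing other files.

Added example, not code from the bug report, OpenStack or QEMU. Offsets and
constants follow the QCOW2 specification; test images are constructed below.
"""
import struct
from typing import List, Optional

QCOW2_MAGIC = 0x514649FB                   # "QFI\xfb"
INCOMPAT_EXTERNAL_DATA_FILE = 1 << 2       # incompatible_features bit 2
AUTOCLEAR_RAW_EXTERNAL_DATA = 1 << 1       # autoclear_features bit 1
EXT_END = 0x00000000                       # end-of-extension-area marker
EXT_BACKING_FORMAT = 0xE2792ACA            # backing file format name
EXT_EXTERNAL_DATA_FILE_NAME = 0x44415441   # "DATA": external data file name


def inspect_qcow2(buf: bytes) -> List[str]:
    """Return reasons to reject the image (empty list means nothing found).

    Parses only the fixed header (72 bytes for v2, 104 for v3) and the header
    extensions that follow it. No cluster table, snapshot table or other
    image-controlled offset is dereferenced.
    """
    reasons: List[str] = []
    if len(buf) < 72:
        return ["truncated header"]
    magic, version = struct.unpack_from(">II", buf, 0)
    if magic != QCOW2_MAGIC:
        return ["not a QCOW2 image"]
    if version not in (2, 3):
        return [f"unsupported QCOW2 version {version}"]

    backing_off, backing_len = struct.unpack_from(">QI", buf, 8)
    if backing_off or backing_len:
        reasons.append("backing file referenced")

    header_len = 72
    if version == 3:
        if len(buf) < 104:
            return ["truncated v3 header"]
        incompat, _compat, autoclear, _order, header_len = struct.unpack_from(">QQQII", buf, 72)
        if incompat & INCOMPAT_EXTERNAL_DATA_FILE:
            reasons.append("external data file feature bit set")
        if autoclear & AUTOCLEAR_RAW_EXTERNAL_DATA:
            reasons.append("raw external data bit set")
        if header_len < 104 or header_len > len(buf):
            return reasons + ["bogus header_length"]

    # Header extensions: u32 type, u32 length, data padded to 8 bytes.
    # Conservative: a missing end marker before the buffer ends is a rejection.
    off = header_len
    while True:
        if off + 8 > len(buf):
            reasons.append("header extensions run past end of buffer")
            break
        ext_type, ext_len = struct.unpack_from(">II", buf, off)
        if ext_type == EXT_END:
            break
        data = buf[off + 8 : off + 8 + ext_len]
        if len(data) < ext_len:
            reasons.append("truncated header extension")
            break
        if ext_type == EXT_EXTERNAL_DATA_FILE_NAME:
            reasons.append(f"external data file name present: {data.decode('utf-8', 'replace')!r}")
        elif ext_type == EXT_BACKING_FORMAT:
            reasons.append("backing file format extension present")
        off += 8 + ((ext_len + 7) & ~7)  # length is rounded up to 8 bytes
    return reasons


def build_qcow2_header(external_data_file: Optional[str] = None,
                       backing_file: Optional[str] = None,
                       cluster_bits: int = 16) -> bytes:
    """Construct a one-cluster QCOW2 v3 header for testing (not a usable disk).

    Constructed sample input: only the fields the inspector reads are set.
    """
    cluster = 1 << cluster_bits
    exts = b""
    if external_data_file:
        name = external_data_file.encode()
        exts += struct.pack(">II", EXT_EXTERNAL_DATA_FILE_NAME, len(name)) + name
        exts += b"\0" * (-len(name) % 8)
    exts += struct.pack(">II", EXT_END, 0)
    backing = backing_file.encode() if backing_file else b""
    backing_off = 104 + len(exts) if backing else 0
    hdr = struct.pack(">IIQIIQIIQQIIQ",
                      QCOW2_MAGIC, 3, backing_off, len(backing), cluster_bits,
                      64 * 1024 * 1024, 0, 1, cluster, 2 * cluster, 1, 0, 0)
    incompat = INCOMPAT_EXTERNAL_DATA_FILE if external_data_file else 0
    hdr += struct.pack(">QQQII", incompat, 0, 0, 4, 104)
    return (hdr + exts + backing).ljust(cluster, b"\0")


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, inspect_qcow2(fh.read(1 << 20)) or "ok")
```

Running it on a file reads only the first MiB, so it is safe to point at untrusted uploads. It covers QCOW2 only; the VMDK descriptor formats mentioned above would need a separate check, and an image that hides a backing reference in a snapshot's own header rather than the primary one is out of this checker's scope.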