Comment 31 for bug 1844712

As annoying and disturbing as this bug is, we still years later lack sufficient information to be able to reproduce and study the behavior in order to even attempt to identify a root cause. Unless that situation changes, it seems impractical to exploit at the very least. In discussion between VMT members and others in the OpenStack Security SIG during the 2023.1 PTG, we decided for now we'll treat it as class C1 per our report taxonomy (though we're happy to revisit if anything changes): https://security.openstack.org/vmt-process.html#report-taxonomy