Comment 62 for bug 2071734

sean mooney (sean-k-mooney) wrote : Re: Regression VMDK/qcow arbitrary file access (CVE-2024-40767)

Thanks, dan/gibi, for confirming.

I tried to test this also and saw the permission failure but missed the fact that it is expected.
Now that the scope has been clarified, and Gibi has confirmed it works and is rejected when the file is readable, I agree that additional hardening via teaching the format inspector about these unsupported formats can be done separately.

We should not expand the scope of this CVE to include that.
I briefly looked at what that involves, and it would be better to do that via the normal code review process than under the limited embargoed one.

It is possible to teach the inspector about the other VMDK formats, but it's a more invasive change than I think we want to do in the current mitigation, as it would introduce additional risk and delay closing the current bug without improving security enough to warrant the delay.

Calling qemu-img info will still reject the image in this case.