Julia Kreger

**Name of the Vulnerable Software and Affected Versions** OpenStack Ironic versions prior to 24.1.3 OpenStack Ironic versions prior to 26.1.1 OpenStack Ironic versions prior to 29.0.1 **Description** The issue allows a malicious project assigned as a node owner to provide a path to any local file readable by `ironic-conductor`, which may then be written to the target node disk during image handling via the API. This is particularly dangerous in environments with non-default, insecure configurations, such as those with automated cleaning disabled. **Recommendations** For versions prior to 24.1.3, update to version 24.1.3 or later. For versions prior to 26.1.1, update to version 26.1.1 or later. For versions prior to 29.0.1, update to version 29.0.1 or later. As a temporary workaround, consider restricting access to the `ironic-conductor` service to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OpenStack Ironic versions prior to 21.4.4 OpenStack Ironic versions 22.x through 23.x before 23.0.3 OpenStack Ironic versions 23.x through 24.x before 24.1.3 OpenStack Ironic versions 25.x through 26.x before 26.1.0 **Description** The issue is related to a lack of checksum validation of supplied image source URLs when configured to convert images to a raw format for streaming. This affects the ability to ensure the integrity of the images being used. **Recommendations** For OpenStack Ironic versions prior to 21.4.4, update to version 21.4.4 or later. For OpenStack Ironic versions 22.x through 23.x before 23.0.3, update to version 23.0.3 or later. For OpenStack Ironic versions 23.x through 24.x before 24.1.3, update to version 24.1.3 or later. For OpenStack Ironic versions 25.x through 26.x before 26.1.0, update to version 26.1.0 or later.

**Name of the Vulnerable Software and Affected Versions** OpenStack Ironic versions prior to 26.0.1 Ironic-python-agent versions prior to 9.13.1 **Description** The issue concerns a vulnerability in image processing, where a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, potentially leading to unauthorized access to sensitive data. **Recommendations** For OpenStack Ironic versions prior to 26.0.1, update to version 26.0.1 or later to resolve the issue. For Ironic-python-agent versions prior to 9.13.1, update to version 9.13.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of crafted images in the image processing functionality until a patch is applied.