CVE-2026-43003
Received Received - Intake
Code Execution via Malicious Image in OpenStack Ironic Python Agent

Publication date: 2026-05-01

Last updated on: 2026-05-04

Assigner: MITRE

Description
An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-05-04
Generated
2026-06-16
AI Q&A
2026-05-01
EPSS Evaluated
2026-06-15
NVD
CVE-2026-43003
EUVD
EUVD-2026-26489
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openstack ironic_python_agent From 1.0.0 (inc) to 11.5.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-829 The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-43003 is a vulnerability in the OpenStack ironic-python-agent (IPA) versions 1.0.0 through 11.5.0. The issue occurs because IPA sometimes executes the grub-install command from within a chroot environment of the deployed partition image. If the deployed image is malicious, this can lead to arbitrary code execution.

Specifically, tenant-controlled binaries are executed during deployment, and an attacker who controls the disk image can craft malicious filenames or binaries (such as grub-install) to execute code within the deploy ramdisk. This ramdisk has full access to system resources like /dev, /proc, and /sys, which can lead to host-level access.

Impact Analysis

This vulnerability can allow an attacker who controls a malicious disk image to execute arbitrary code with elevated privileges during the deployment process. The attacker can gain host-level access to the provisioning network and potentially interfere with other IPA instances or disrupt provisioning workflows.

  • Compromise of the deploy ramdisk environment.
  • Potential host-level access to the provisioning network.
  • Ability to tamper with post-bootloader deployment steps.
  • Disruption of provisioning workflows for other nodes sharing the same ramdisk.
Detection Guidance

This vulnerability involves the execution of grub-install from within a chroot of the deployed partition image, which can lead to code execution if a malicious image is used. Detection involves monitoring for unexpected or unauthorized executions of grub-install or other binaries within chroot environments during deployment.

Since the vulnerability is related to tenant-controlled disk images and the execution of grub-install, one approach is to audit deployment logs and processes for unusual grub-install invocations or suspicious chroot activity.

  • Check running processes during deployment for grub-install usage: `ps aux | grep grub-install`
  • Monitor system logs for grub-install or chroot command executions: `grep -i grub-install /var/log/*` or `journalctl | grep grub-install`
  • Audit the disk images used for deployment to detect malicious filenames or binaries that could trigger the vulnerability.

Note that no specific detection commands are provided in the resources, so these suggestions are based on the nature of the vulnerability and typical system monitoring practices.

Mitigation Strategies

Immediate mitigation steps include disabling the use of partition image types by default in the ironic-python-agent configuration to prevent execution of tenant-controlled binaries during deployment.

Hardening the execution of grub-install by using control groups (cgroups) to isolate the process and limit its privileges can reduce the risk of code execution.

Review other instances in the ironic-python-agent where untrusted binaries might be executed and apply similar hardening or disablement.

Ensure that deployment workflows and ramdisk environments are properly isolated and monitored to limit the blast radius of any potential exploit.

Since the vulnerability affects the Ansible deploy driver, consider temporarily disabling or restricting its use if feasible.

Compliance Impact

CVE-2026-43003 allows code execution within the deploy ramdisk of OpenStack ironic-python-agent when processing malicious disk images. This can lead to host-level access on the provisioning network and potential disruption of provisioning workflows.

While the vulnerability compromises the deploy ramdisk environment, it does not expose sensitive data such as current agent tokens or full node objects, and the underlying security model includes safeguards like agent tokens and restricted API access.

Given these factors, the vulnerability could impact compliance with standards like GDPR or HIPAA if an attacker leverages it to disrupt operations or gain unauthorized access to systems, but direct exposure of regulated personal or health data is not indicated.

Mitigations such as disabling partition image types by default and hardening execution environments reduce the risk of compliance violations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43003. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart