CVE-2026-43003
Code Execution via Malicious Image in OpenStack Ironic Python Agent
Publication date: 2026-05-01
Last updated on: 2026-05-04
Assigner: MITRE
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openstack | ironic_python_agent | From 1.0.0 (inclusive) to 11.5.0 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-829 | The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-43003 is a vulnerability in the OpenStack ironic-python-agent (IPA) versions 1.0.0 through 11.5.0. The issue occurs because IPA sometimes executes the grub-install command from within a chroot environment of the deployed partition image. If the deployed image is malicious, this can lead to arbitrary code execution.
Specifically, tenant-controlled binaries are executed during deployment, and an attacker who controls the disk image can craft malicious filenames or binaries (such as grub-install) to execute code within the deploy ramdisk. This ramdisk has full access to system resources like /dev, /proc, and /sys, which can lead to host-level access.
How can this vulnerability impact me?
This vulnerability can allow an attacker who controls a malicious disk image to execute arbitrary code with elevated privileges during the deployment process. The attacker can gain host-level access to the provisioning network and potentially interfere with other IPA instances or disrupt provisioning workflows.
- Compromise of the deploy ramdisk environment.
- Potential host-level access to the provisioning network.
- Ability to tamper with post-bootloader deployment steps.
- Disruption of provisioning workflows for other nodes sharing the same ramdisk.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection focuses on the vulnerable pattern itself: grub-install (or any other binary) being executed from within a chroot of the deployed partition image during deployment, which can lead to code execution when the image is malicious.
Because the partition image, and therefore every binary inside it, is tenant-controlled, audit deployment logs and running processes for grub-install invocations that originate from the mounted image rather than from the ramdisk, and for any other unexpected chroot activity.
- Check running processes during deployment for grub-install usage: `ps aux | grep grub-install`
- Monitor system logs for grub-install or chroot command executions: `grep -i grub-install /var/log/*` or `journalctl | grep grub-install`
- Audit the disk images used for deployment to detect malicious filenames or binaries that could trigger the vulnerability.
Note that no specific detection commands are provided in the resources, so these suggestions are based on the nature of the vulnerability and typical system monitoring practices.
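The log-audit approach above, as an added example that is not part of the original page or of ironic-python-agent: a small scanner that flags any command run via `chroot` into a mounted image root, rating the expected grub-install case as the CVE pattern itself and anything else (a non-bootloader binary, or shell metacharacters in the arguments) higher. The log lines and the `Running command:` prefix are constructed for this example and are not real IPA output.

```python
import re
from dataclasses import dataclass

# Constructed sample of deploy-ramdisk log lines (assumed format, not real IPA output).
SAMPLE_LOG = """\
May 01 10:00:01 ipa-ramdisk ironic-python-agent[812]: Running command: mount /dev/sda2 /tmp/img-root
May 01 10:00:02 ipa-ramdisk ironic-python-agent[812]: Running command: chroot /tmp/img-root /usr/sbin/grub-install /dev/sda
May 01 10:00:03 ipa-ramdisk ironic-python-agent[812]: Running command: chroot /tmp/img-root /usr/bin/post-deploy.sh
May 01 10:00:04 ipa-ramdisk ironic-python-agent[812]: Running command: chroot /tmp/img-root grub-install --boot-directory=/boot$(id) /dev/sda
May 01 10:00:05 ipa-ramdisk ironic-python-agent[812]: Running command: umount /tmp/img-root
"""

CHROOT_RE = re.compile(r"Running command: chroot\s+(?P<root>\S+)\s+(?P<cmd>.+?)\s*$")
BOOTLOADER_TOOLS = {"grub-install", "grub2-install"}   # binaries a deploy is expected to run
SHELL_META = re.compile(r"[;&|`$<>]")                  # crafted filenames/arguments


@dataclass
class Finding:
    line_no: int
    root: str       # the image mount point the chroot entered
    command: str    # the command executed inside that chroot
    severity: str
    reason: str


def classify(line_no: int, line: str):
    """Return a Finding for any command run via chroot into a mounted image, else None."""
    m = CHROOT_RE.search(line)
    if not m:
        return None
    root, cmd = m.group("root"), m.group("cmd")
    binary = cmd.split()[0].rsplit("/", 1)[-1]
    if SHELL_META.search(cmd):
        return Finding(line_no, root, cmd, "high", "shell metacharacters in chroot command arguments")
    if binary not in BOOTLOADER_TOOLS:
        return Finding(line_no, root, cmd, "high", f"unexpected binary {binary!r} executed from deployed image")
    # Even the expected case is the CVE-2026-43003 pattern: the grub-install that
    # runs here comes from the tenant image, not from the ramdisk.
    return Finding(line_no, root, cmd, "medium", "bootloader install executed from within image chroot")


def scan(text: str):
    """Scan a whole log and return every chroot-related finding in order."""
    return [f for f in (classify(i, l) for i, l in enumerate(text.splitlines(), 1)) if f]


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"line {f.line_no} [{f.severity}] {f.reason}: chroot {f.root} {f.command}")
```

Feed it `journalctl` output from the ramdisk (or the IPA log shipped to the conductor) instead of `SAMPLE_LOG` after adjusting `CHROOT_RE` to the real line format.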
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling the use of partition image types by default in the ironic-python-agent configuration to prevent execution of tenant-controlled binaries during deployment.
Hardening the execution of grub-install by using control groups (cgroups) to isolate the process and limit its privileges can reduce the risk of code execution.
Review other instances in the ironic-python-agent where untrusted binaries might be executed and apply similar hardening or disablement.
Ensure that deployment workflows and ramdisk environments are properly isolated and monitored to limit the blast radius of any potential exploit.
Since the vulnerability affects the Ansible deploy driver, consider temporarily disabling or restricting its use if feasible.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
CVE-2026-43003 allows code execution within the deploy ramdisk of OpenStack ironic-python-agent when processing malicious disk images. This can lead to host-level access on the provisioning network and potential disruption of provisioning workflows.
While the vulnerability compromises the deploy ramdisk environment, it does not expose sensitive data such as current agent tokens or full node objects, and the underlying security model includes safeguards like agent tokens and restricted API access.
Given these factors, the vulnerability could impact compliance with standards like GDPR or HIPAA if an attacker leverages it to disrupt operations or gain unauthorized access to systems, but direct exposure of regulated personal or health data is not indicated.
Mitigations such as disabling partition image types by default and hardening execution environments reduce the risk of compliance violations.