Ironic Python Agent
Monthly
Arbitrary code execution in OpenStack ironic-python-agent (IPA) versions 1.0.0 through 11.5.0 occurs because IPA runs grub-install from inside a chroot of the partition image it is deploying, so binaries supplied by a malicious image execute on the provisioning ramdisk. An attacker able to have a crafted partition image deployed can run code in the IPA context (typically root on the bare-metal node being provisioned). No public exploit identified at time of analysis; EPSS is negligible (0.01%) and CISA SSVC records exploitation status as none, but the technical impact is rated total.
Arbitrary code execution in OpenStack ironic-python-agent (IPA) versions 1.0.0 through 11.5.0 occurs because IPA runs grub-install from inside a chroot of the partition image it is deploying, so binaries supplied by a malicious image execute on the provisioning ramdisk. An attacker able to have a crafted partition image deployed can run code in the IPA context (typically root on the bare-metal node being provisioned). No public exploit identified at time of analysis; EPSS is negligible (0.01%) and CISA SSVC records exploitation status as none, but the technical impact is rated total.