CVE-2024-40767: 
Python vulnerability analysis and mitigation

CVE-2024-40767 affects OpenStack Nova versions before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1. The vulnerability allows an authenticated user to access potentially sensitive data by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path. This issue exists because of an incomplete fix for CVE-2022-47951 and CVE-2024-32498 (OpenStack OSSA, NVD).

The vulnerability involves two specific issues: a QCOW2 issue affecting systems where the usecowimages configuration option is disabled, and a VMDK issue which is a regression of an earlier vulnerability (OSSA-2023-002) reintroduced by a new implementation. The vulnerability has a CVSS v3.1 Base Score of 6.5 (Medium) with vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability allows authenticated users to access arbitrary files on the server by manipulating image formats, potentially exposing sensitive data. The vulnerability affects all Nova deployments and could lead to unauthorized access to potentially sensitive information stored on the server (Security Online).

Organizations should upgrade to Nova versions 27.4.1, 28.2.1, or 29.1.1 or later as appropriate for their deployment. Additionally, the image cache should be purged as part of mitigating this CVE to ensure no existing malicious images are present. Users attempting to identify malicious images in the cache should ensure they're using a version of qemu-img that's patched for QEMU CVE-2024-4467 (OpenStack OSSA).