CVE-2026-24708 OpenStack Missing image format validation on resize
The vulnerability
OpenStack supports a variety of image formats to ease migration from other virtualization platforms. The qemu-img tools are used to deal with these images. Unfortunately, OpenStack developers had to learn that qemu-img is not as robust as expected when dealing with untrusted images. This has lead to CVE-2022-47951 and CVE-2024-32498 and CVE-2024-40767 .
Analyzing all potentially vulnerable code paths, at least one had been overlooked
by developers before: When resizing VMs in Nova to a flavor with a new root
disk/ephemeral disk size, and Nova's flat image backend is in use, qemu-img is called
on the backing image file without an explicit format specifier, opening up the
possibility to overwrite files on the host system by writing a malicious QCOW header
to a root or ephemeral disk.
This vulnerability has been assigned CVE-2026-24708.
Impact on the SCS software ecosystem
By default, Nova uses cow images, i.e. use_cow_images in nova.conf defaults
to True.
This value is not changed in either OSISM nor yaook, so neither of these implementations is affected by the vulnerability. Operators need to have made a deliberate effort to override this setting.
If this setting is set to False, authenticated users may write malicious QCOW2
or VMDK headers to the disk and then use the VM resize to overwrite files on the host
with zeros, causing failure of the compute host.
The overwriting of arbitrary files with zeroes has been reproduced using QCOW headers; it may be possible to do more controlled damage (e.g. writing non-zeros) using more exotic features in e.g. the VMDK headers and this way cause more than a Denial-of-Service but gain privileges or exfiltrate data.
Operators that are using use_cow_images=False in their nova config are
advised to apply the fixes urgently or change this setting temporarily.
Embargo
The issue has been reported to the OpenStack Vulnerability Management Team in private. The reporters and upstream developers have worked together to address the issue with fixes and an embargo date has been set to Tuesday, 2026-02-17, 15:00 UTC (16:00 CET). At this point in time, the patches get merged and the OpenStack Security Advisory OSSA-2026-002 is published. The issue is tracked in OpenStack issue #2137507, which should become publically accessible after the lift of the embargo and the publication of this advisory.
Under the used responsible disclosure approach, the information was shared with a select group of trustable users of OpenStack, so they can prepare updates and protect their user data in time for the publication.
Mitigation and Fixes
The temporary fix for this issue is to avoid use_cow_images=false in
/etc/nova.conf. This will stop this issue from being triggered.
Alternatively, full glance format-inspector protection should help against
this.
There are patches from the upstream OpenStack developers available. They work
by passing -f raw to qemu-img when a resize happens with raw images and
-f qcow2 for QCOW2 images. Other images are disallowed for resizing.
The SCS ecosystem software providers will provide fixed nova-compute images and installation instructions here as soon as the updated images are available:
Thanks
The author would like to thank Dan Smith, Jay Faulkner, Sylvain Bauza, Melanie Witt, and Jeremy Stanley for reporting, reproducing, fixing and coordinating this issue.
Version history
- Mention glance format-inspector protection, v1.0, 2026-02-17, 15:30 CET.
- Typos fixed, v0.6, 2026-02-16, 15:45 CET.
- Initial Draft, v0.5, 2026-02-16, 15:00 CET.