While the Ironic vmt support tag is being worked on, here is an impact description draft that could be use to request a CVE. Please make sure it is accurate:
Title: Ironic does not honor clean steps
Reporter: Jim Rollenhagen (Rackspace)
Products: Ironic
Affects: >= 4.2.0, <= 4.2.1
Description:
Jim Rollenhagen from Rackspace reported a vulnerability in Ironic. To prevent user data leak, Ironic is expected to "clean" a server after use, however that is transparently not happening. Previous tenant's data may be left behind on the disk and may be available to new users. All Ironic setup are affected.
Does this bug also reproduces before 4.2.0 ? /security. openstack. org/#how- to-propose- and-review- a-security- patch ) ?
Also, can you attach properly formated patch (see https:/
While the Ironic vmt support tag is being worked on, here is an impact description draft that could be use to request a CVE. Please make sure it is accurate:
Title: Ironic does not honor clean steps
Reporter: Jim Rollenhagen (Rackspace)
Products: Ironic
Affects: >= 4.2.0, <= 4.2.1
Description:
Jim Rollenhagen from Rackspace reported a vulnerability in Ironic. To prevent user data leak, Ironic is expected to "clean" a server after use, however that is transparently not happening. Previous tenant's data may be left behind on the disk and may be available to new users. All Ironic setup are affected.