CVE-2026-43003
8
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| OpenStack | ironic-python-agent | 0 < 10.2.3 | affected |
| OpenStack | ironic-python-agent | 11.0.0 < 11.2.1 | affected |
| OpenStack | ironic-python-agent | 11.3.0 < 11.5.1 | affected |
Weaknesses
- CWE-829: CWE-829 Inclusion of Functionality from Untrusted Control Sphere
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
ironic-python-agent: OpenStack ironic-python-agent: Arbitrary code execution via malicious image
Additional References
- https://access.redhat.com/security/cve/CVE-2026-43003
- https://bugzilla.redhat.com/show_bug.cgi?id=2464306
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-43003.json
References
- https://bugs.launchpad.net/ironic-python-agent/+bug/2148310
- https://github.com/openstack/ironic-python-agent/blob/236b33abffe6688afc39c21e351cc3889b3db2dd/ironic_python_agent/efi_utils.py#L134-L139
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.