CVE-2026-43003

A flaw was found in OpenStack ironic-python-agent IPA. The Ironic Python Agent sometimes executes the grub-install command from within a chroot environment of a deployed partition image. This allows an attacker, by providing a malicious image, to achieve arbitrary code execution within the system...

Linux Distros Unpatched Vulnerability : CVE-2026-43003

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of t...

OpenStack Ironic Python Agent Includes Functionality from Untrusted Control Sphere

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

Unsafe Dependency Resolution

Overview ironic-python-agent is an Ironic Python Agent Ramdisk Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the grub-install process. An attacker can achieve code execution by providing a malicious partition image that is deployed and subsequently chrooted ...

GHSA-RMXR-45GJ-889W OpenStack Ironic Python Agent Includes Functionality from Untrusted Control Sphere

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

CVE-2026-43003

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

EUVD-2026-26489

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

CVE-2026-43003

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

CVE-2026-43003

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

OpenStack ironic-python-agent 安全漏洞

OpenStack ironic-python-agent is an open-source proxy program for bare metal nodes in OpenStack. There are security vulnerabilities in the version of OpenStack ironic-python-agent from 1.0.0 to 11.5.0. These vulnerabilities stem from the execution of grub-install within a chroot environment, whic...

PT-2026-36307

Name of the Vulnerable Software and Affected Versions OpenStack ironic-python-agent versions 1.0.0 through 11.5.0 Description Ironic Python Agent IPA may execute the grub-install function from within a chroot of the deployed partition image. This behavior can lead to arbitrary code execution if a...

CVE-2026-43003

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

CVE-2026-43003

CVE-2026-43003 affects OpenStack Ironic Python Agent (IPA) versions 1.0.0 through 11.5.0. The issue arises when IPA sometimes executes grub-install from within a chroot of the deployed partition image, enabling code execution in the presence of a malicious image. The CVSSv3.1 metrics indicate a h...

SUSE-SU-2022:2073-1 Security update for grub2

This update for grub2 fixes the following issues: Security fixes and hardenings for boothole 3 / boothole 2022 bsc1198581 - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap bsc1191184 - CVE-2021-3696: Fixed that a crafted PNG image could lead to...