Not a user yet?
Log in Register for free Suggest a product
Update

USN-8049-1: Nova vulnerability

Ubuntu DesktopUbuntu Desktop
Canonical

USN-8049-1: Nova vulnerability
Publication date: 17 February 2026
Overview: Nova could be made to destroy data.

Packages
nova - OpenStack Compute cloud infrastructure

Details
Dan Smith discovered that Nova incorrectly called qemu-img without a format
restriction when resizing disks. An attacker could possibly use this issue
to destroy data on the host system.

Update instructions
The problem can be corrected by updating your system to the following package versions:

25.10 questing

  • nova-common – 3:32.0.0-0ubuntu1.1
  • python3-nova – 3:32.0.0-0ubuntu1.1

24.04 LTS noble

  • nova-common – 3:29.2.0-0ubuntu1.3
  • python3-nova – 3:29.2.0-0ubuntu1.3

22.04 LTS jammy

  • nova-common – 3:25.2.1-0ubuntu2.10
  • python3-nova – 3:25.2.1-0ubuntu2.10
More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad