qemu-nbd format-guessing due to missing format specification

The qemu-nbd tool (shipped in the Xen hypervisor tools distribution as qemu-nbd-xen) autodetects the image format.

If a particular disk image is intended to be raw, a guest operating system administrator could write a header to the image, describing another format than original one. This could lead to a scenario in which after restart of that guest, qemu-nbd would detect the new apparent format of the image, including a specified backing file or device, which could allow the guest to read any file on the host.

privilege abuse



Add -f FMT / –format FMT arg to qemu-nbd

Currently the qemu-nbd program will auto-detect the format of any disk it is given. This behaviour is known to be insecure. For example, if qemu-nbd initially exposes a ‘raw’ file to an unprivileged app, and that app runs

qemu-img create -f qcow2 -o backing_file=/etc/shadow /dev/nbd0'

then the next time the app is started, the qemu-nbd will now detect it as a ‘qcow2’ file and expose /etc/shadow to the unprivileged app.

The only way to avoid this is to explicitly tell qemu-nbd what disk format to use on the command line, completely disabling auto-detection. This patch adds a ‘-f’ / ‘–format’ arg for this purpose, mirroring what is already available via qemu-img and qemu commands.

qemu-nbd --format raw -p 9000 evil.img

will now always use raw, regardless of what format ‘evil.img’ looks like it contains


If qemu-nbd is used, a malicious guest administrator may be able to read any file on the host, depending exactly how.

information leak