Ubuntu Security Notice 1305-1 - David Black discovered that Nova did not properly perform input validation during image registration. An attacker could exploit this by registering a crafted image using the EC2 API or S3/RegisterImage method and overwrite files as the nova user.
f84f44b31aadbdecd709f8bf9fc1bd56df308540113ec0f59b7e4946f5bb2641