Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxcontainers lxc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47952
lxc-user-nic in lxc up to and including 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer ...
Linuxcontainers Lxc
1 Github repository
9.3
CVSSv2
CVE-2017-18641
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers.
Linuxcontainers Lxc 2.0.0
2.1
CVSSv2
CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side e...
Canonical Ubuntu Linux 18.04
Linuxcontainers Lxc
Suse Suse Linux Enterprise Server 11
Suse Caas Platform 2.0
Suse Openstack Cloud 6
Suse Caas Platform 1.0
Opensuse Leap 15.0
1 Github repository
9
CVSSv2
CVE-2016-8649
lxc-attach in LXC prior to 1.0.9 and 2.x prior to 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
Linuxcontainers Lxc
2.1
CVSSv2
CVE-2017-5985
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.
Linuxcontainers Lxc
5
CVSSv2
CVE-2016-10124
An issue exists in Linux Containers (LXC) prior to 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an malicious user to escape t...
Linuxcontainers Lxc
7.2
CVSSv2
CVE-2015-1335
lxc-start in lxc prior to 1.0.8 and 1.1.x prior to 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
Linuxcontainers Lxc 1.1.2
Linuxcontainers Lxc 1.1.3
Linuxcontainers Lxc
Linuxcontainers Lxc 1.1.0
Linuxcontainers Lxc 1.1.1
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
4.9
CVSSv2
CVE-2015-1331
lxclock.c in LXC 1.1.2 and previous versions allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
Linuxcontainers Lxc
4.6
CVSSv2
CVE-2015-1334
attach.c in LXC 1.1.2 and previous versions uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.
Linuxcontainers Lxc
7.2
CVSSv2
CVE-2013-6441
The lxc-sshd template (templates/lxc-sshd.in) in LXC prior to 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.
Linuxcontainers Lxc 0.7.4.2
Linuxcontainers Lxc 0.7.4.1
Linuxcontainers Lxc 0.7.3
Linuxcontainers Lxc 0.7.2
Linuxcontainers Lxc 0.2.1
Linuxcontainers Lxc 0.2.0
Linuxcontainers Lxc 0.1.0
Linuxcontainers Lxc 0.6.2
Linuxcontainers Lxc 0.6.1
Linuxcontainers Lxc 0.6.0
Linuxcontainers Lxc 0.5.2
Linuxcontainers Lxc 0.8.0
Linuxcontainers Lxc 0.7.4
Linuxcontainers Lxc 0.7.1
Linuxcontainers Lxc 0.6.5
Linuxcontainers Lxc 0.6.3
Linuxcontainers Lxc 0.5.1
Linuxcontainers Lxc 0.4.0
Linuxcontainers Lxc
Linuxcontainers Lxc 0.7.5
Linuxcontainers Lxc 0.7.0
Linuxcontainers Lxc 0.6.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started