Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxcontainers lxc vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2022-47952
lxc-user-nic in lxc up to and including 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer ...
Linuxcontainers Lxc
1 Github repository
8.1
CVSSv3
CVE-2017-18641
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers.
Linuxcontainers Lxc 2.0.0
3.3
CVSSv3
CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side e...
Canonical Ubuntu Linux 18.04
Linuxcontainers Lxc
Suse Suse Linux Enterprise Server 11
Suse Caas Platform 2.0
Suse Openstack Cloud 6
Suse Caas Platform 1.0
Opensuse Leap 15.0
1 Github repository
9.1
CVSSv3
CVE-2016-8649
lxc-attach in LXC prior to 1.0.9 and 2.x prior to 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
Linuxcontainers Lxc
3.3
CVSSv3
CVE-2017-5985
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.
Linuxcontainers Lxc
8.6
CVSSv3
CVE-2016-10124
An issue exists in Linux Containers (LXC) prior to 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an malicious user to escape t...
Linuxcontainers Lxc
NA
CVE-2015-1335
lxc-start in lxc prior to 1.0.8 and 1.1.x prior to 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
Linuxcontainers Lxc 1.1.2
Linuxcontainers Lxc 1.1.3
Linuxcontainers Lxc
Linuxcontainers Lxc 1.1.0
Linuxcontainers Lxc 1.1.1
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
NA
CVE-2015-1331
lxclock.c in LXC 1.1.2 and previous versions allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
Linuxcontainers Lxc
NA
CVE-2015-1334
attach.c in LXC 1.1.2 and previous versions uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.
Linuxcontainers Lxc
NA
CVE-2013-6441
The lxc-sshd template (templates/lxc-sshd.in) in LXC prior to 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.
Linuxcontainers Lxc 0.7.4.2
Linuxcontainers Lxc 0.7.4.1
Linuxcontainers Lxc 0.7.3
Linuxcontainers Lxc 0.7.2
Linuxcontainers Lxc 0.2.1
Linuxcontainers Lxc 0.2.0
Linuxcontainers Lxc 0.1.0
Linuxcontainers Lxc 0.6.2
Linuxcontainers Lxc 0.6.1
Linuxcontainers Lxc 0.6.0
Linuxcontainers Lxc 0.5.2
Linuxcontainers Lxc 0.8.0
Linuxcontainers Lxc 0.7.4
Linuxcontainers Lxc 0.7.1
Linuxcontainers Lxc 0.6.5
Linuxcontainers Lxc 0.6.3
Linuxcontainers Lxc 0.5.1
Linuxcontainers Lxc 0.4.0
Linuxcontainers Lxc
Linuxcontainers Lxc 0.7.5
Linuxcontainers Lxc 0.7.0
Linuxcontainers Lxc 0.6.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started