Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxcontainers lxc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47952
lxc-user-nic in lxc up to and including 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer ...
Linuxcontainers Lxc
1 Github repository
828
VMScore
CVE-2017-18641
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers.
Linuxcontainers Lxc 2.0.0
187
VMScore
CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side e...
Canonical Ubuntu Linux 18.04
Linuxcontainers Lxc
Suse Suse Linux Enterprise Server 11
Suse Caas Platform 2.0
Suse Openstack Cloud 6
Suse Caas Platform 1.0
Opensuse Leap 15.0
1 Github repository
801
VMScore
CVE-2016-8649
lxc-attach in LXC prior to 1.0.9 and 2.x prior to 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
Linuxcontainers Lxc
187
VMScore
CVE-2017-5985
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.
Linuxcontainers Lxc
445
VMScore
CVE-2016-10124
An issue exists in Linux Containers (LXC) prior to 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an malicious user to escape t...
Linuxcontainers Lxc
641
VMScore
CVE-2015-1335
lxc-start in lxc prior to 1.0.8 and 1.1.x prior to 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
Linuxcontainers Lxc 1.1.2
Linuxcontainers Lxc 1.1.3
Linuxcontainers Lxc
Linuxcontainers Lxc 1.1.0
Linuxcontainers Lxc 1.1.1
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
436
VMScore
CVE-2015-1331
lxclock.c in LXC 1.1.2 and previous versions allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
Linuxcontainers Lxc
409
VMScore
CVE-2015-1334
attach.c in LXC 1.1.2 and previous versions uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.
Linuxcontainers Lxc
641
VMScore
CVE-2013-6441
The lxc-sshd template (templates/lxc-sshd.in) in LXC prior to 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.
Linuxcontainers Lxc 0.7.4.2
Linuxcontainers Lxc 0.7.4.1
Linuxcontainers Lxc 0.7.3
Linuxcontainers Lxc 0.7.2
Linuxcontainers Lxc 0.2.1
Linuxcontainers Lxc 0.2.0
Linuxcontainers Lxc 0.1.0
Linuxcontainers Lxc 0.6.2
Linuxcontainers Lxc 0.6.1
Linuxcontainers Lxc 0.6.0
Linuxcontainers Lxc 0.5.2
Linuxcontainers Lxc 0.8.0
Linuxcontainers Lxc 0.7.4
Linuxcontainers Lxc 0.7.1
Linuxcontainers Lxc 0.6.5
Linuxcontainers Lxc 0.6.3
Linuxcontainers Lxc 0.5.1
Linuxcontainers Lxc 0.4.0
Linuxcontainers Lxc
Linuxcontainers Lxc 0.7.5
Linuxcontainers Lxc 0.7.0
Linuxcontainers Lxc 0.6.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started