Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lxc vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-33634
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS.
Openeuler Icr
3.3
CVSSv3
CVE-2022-47952
lxc-user-nic in lxc up to and including 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer ...
Linuxcontainers Lxc
1 Github repository
7.8
CVSSv3
CVE-2020-8933
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can at...
Google Guest-oslogin
Opensuse Leap 15.1
Opensuse Leap 15.2
8.1
CVSSv3
CVE-2017-18641
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers.
Linuxcontainers Lxc 2.0.0
7.8
CVSSv3
CVE-2017-18509
An issue exists in net/ipv6/ip6mr.c in the Linux kernel prior to 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstanc...
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
3.3
CVSSv3
CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side e...
Canonical Ubuntu Linux 18.04
Linuxcontainers Lxc
Suse Suse Linux Enterprise Server 11
Suse Caas Platform 2.0
Suse Openstack Cloud 6
Suse Caas Platform 1.0
Opensuse Leap 15.0
1 Github repository
9.1
CVSSv3
CVE-2016-8649
lxc-attach in LXC prior to 1.0.9 and 2.x prior to 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
Linuxcontainers Lxc
3.3
CVSSv3
CVE-2017-5985
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.
Linuxcontainers Lxc
8.6
CVSSv3
CVE-2016-10124
An issue exists in Linux Containers (LXC) prior to 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an malicious user to escape t...
Linuxcontainers Lxc
7.8
CVSSv3
CVE-2016-3096
The create_script function in the lxc_container module in Ansible prior to 1.9.6-1 and 2.x prior to 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path direct...
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Redhat Ansible
Redhat Ansible 2.0
Redhat Ansible 2.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »