Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2015-1334

Published: 12/08/2015 Updated: 31/05/2019
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Lxc

Vulnerability Summary

attach.c in LXC 1.1.2 and previous versions uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.

Vulnerable Product Search on Vulmon Subscribe to Product

linuxcontainers lxc

Vendor Advisories

Ubuntu Security Notice: lxc vulnerabilities
Several security issues were fixed in LXC ...
Debian CVElist Bug Report Logs: lxc: CVE-2015-1335
Debian Bug report logs - #800471 lxc: CVE-2015-1335 Package: src:lxc; Maintainer for src:lxc is pkg-lxc <pkg-lxc-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 29 Sep 2015 20:36:01 UTC Severity: serious Tags: fixed-upstream, patch, security, upstream Found in version ...
Debian CVElist Bug Report Logs: CVE-2015-1331 CVE-2015-1334
Debian Bug report logs - #793298 CVE-2015-1331 CVE-2015-1334 Package: lxc; Maintainer for lxc is pkg-lxc <pkg-lxc-devel@listsaliothdebianorg>; Source for lxc is src:lxc (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Wed, 22 Jul 2015 15:15:01 UTC Severity: grave Tags: fixed-upstream, ...
Debian Security Advisories: DSA-3317-1 lxc -- security update
Several vulnerabilities have been discovered in LXC, the Linux Containers userspace tools The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-1331 Roman Fiedler discovered a directory traversal flaw in LXC when creating lock files A local attacker could exploit this flaw to create an arbitrary ...

References

CWE-17http://lists.opensuse.org/opensuse-updates/2015-07/msg00067.htmlhttps://github.com/lxc/lxc/commit/5c3fcae78b63ac9dd56e36075903921bd9461f9ehttp://www.ubuntu.com/usn/USN-2675-1http://lists.opensuse.org/opensuse-updates/2015-07/msg00066.htmlhttp://www.debian.org/security/2015/dsa-3317https://service.ait.ac.at/security/2015/LxcSecurityAnalysis.htmlhttp://www.securityfocus.com/bid/75998http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.htmlhttps://usn.ubuntu.com/2675-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook