lxc

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Linux Containers
Version 1:3.1.0-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-893 1:3.1.0-1 High Not affected
AVG-754 1:3.0.1-1 1:3.0.2-1 High Fixed
AVG-204 1:2.0.7-1 1:2.0.8-1 Low Fixed
Issue Group Severity Remote Type Description
CVE-2019-5736 AVG-893 High Yes Privilege escalation
A vulnerability discovered in runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary...
CVE-2018-6556 AVG-754 High No Arbitrary filesystem access
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to...
CVE-2017-5985 AVG-204 Low No Insufficient validation
This security issue was reported by Jann Horn and has to do with a lack of netns ownership check in lxc-user-nic, which would allow any user with a...

Advisories

Date Advisory Group Severity Description
13 May 2017 ASA-201705-17 AVG-204 Low insufficient validation