Lxc Linuxcontainers Lxc

stack.watch can email you when security vulnerabilities are reported in Linuxcontainers Lxc. You can add multiple products that you use with Lxc to create your own personal software stack watcher.

By the Year

In 2021 there have been 0 vulnerabilities in Linuxcontainers Lxc . Lxc did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2021 0 0.00
2020 0 0.00
2019 1 8.60
2018 1 3.30

It may take a day or so for new Lxc vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Linuxcontainers Lxc Security Vulnerabilities

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access

CVE-2019-5736 8.6 - High - February 11, 2019

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

CVE-2019-5736 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Containment Errors (Container Errors)

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path

CVE-2018-6556 3.3 - Low - August 10, 2018

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.

CVE-2018-6556 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Channel and Path Errors