Known Vulnerabilities for Lxc by Linuxcontainers
Listed below are 10 of the newest known vulnerabilities associated with "Lxc" by "Linuxcontainers".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-47952 json | lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even ... | 3.3 - LOW | 2023-01-01 | 2023-08-21 |
| CVE-2019-5736 json | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary... | 8.6 - HIGH | 2019-02-11 | 2024-02-02 |
| CVE-2018-6556 json | lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be u... | 3.3 - LOW | 2018-08-10 | 2019-05-31 |
| CVE-2017-18641 json | In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to... | 8.1 - HIGH | 2020-02-10 | 2020-02-12 |
| CVE-2017-5985 json | lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the h... | 3.3 - LOW | 2017-03-14 | 2019-10-03 |
| CVE-2016-10124 json | An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv ses... | 8.6 - HIGH | 2017-01-09 | 2017-11-13 |
| CVE-2016-8649 json | lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherite... | 9.1 - CRITICAL | 2017-05-01 | 2018-10-26 |
| CVE-2015-1335 json | lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via... | 7.2 - HIGH | 2015-10-01 | 2019-05-31 |
| CVE-2015-1334 json | attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppAr... | 4.6 - MEDIUM | 2015-08-12 | 2019-05-31 |
| CVE-2015-1331 json | lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*. | 4.9 - MEDIUM | 2015-08-12 | 2019-05-31 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Linuxcontainers | Lxc | 4.0.5 | |||
| Application | Linuxcontainers | Lxc | 4.0.4 | |||
| Application | Linuxcontainers | Lxc | 4.0.3 | |||
| Application | Linuxcontainers | Lxc | 4.0.2 | |||
| Application | Linuxcontainers | Lxc | 4.0.1 | |||
| Application | Linuxcontainers | Lxc | 4.0.0 | |||
| Application | Linuxcontainers | Lxc | 3.2.1 | |||
| Application | Linuxcontainers | Lxc | 3.2.0 | |||
| Application | Linuxcontainers | Lxc | 3.1.0 | |||
| Application | Linuxcontainers | Lxc | 3.0.3 | |||
| Application | Linuxcontainers | Lxc | 3.0.2 | |||
| Application | Linuxcontainers | Lxc | 3.0.1 | |||
| Application | Linuxcontainers | Lxc | 3.0.0 | |||
| Application | Linuxcontainers | Lxc | 3.0.0 | |||
| Application | Linuxcontainers | Lxc | 3.0.0 | |||
| Application | Linuxcontainers | Lxc | 3.0.0 | |||
| Application | Linuxcontainers | Lxc | 3.0.0 | |||
| Application | Linuxcontainers | Lxc | 2.1.1 | |||
| Application | Linuxcontainers | Lxc | 2.1.0 | |||
| Application | Linuxcontainers | Lxc | 2.0.9 |