Known Vulnerabilities for Lxc by Linuxcontainers
Listed below are 10 of the newest known vulnerabilities associated with "Lxc" by "Linuxcontainers".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-5736 | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary... | 8.6 - HIGH | 2019-02-11 | 2024-02-02 |
| CVE-2018-6556 | lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be u... | 3.3 - LOW | 2018-08-10 | 2019-05-31 |
| CVE-2017-18641 | In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to... | 8.1 - HIGH | 2020-02-10 | 2020-02-12 |
| CVE-2017-5985 | lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the h... | 3.3 - LOW | 2017-03-14 | 2019-10-03 |
| CVE-2016-10124 | An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv ses... | 8.6 - HIGH | 2017-01-09 | 2017-11-13 |
| CVE-2016-8649 | lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherite... | 9.1 - CRITICAL | 2017-05-01 | 2018-10-26 |
| CVE-2015-1335 | lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via... | 7.2 - HIGH | 2015-10-01 | 2019-05-31 |
| CVE-2015-1334 | attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppAr... | 4.6 - MEDIUM | 2015-08-12 | 2019-05-31 |
| CVE-2015-1331 | lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*. | 4.9 - MEDIUM | 2015-08-12 | 2019-05-31 |
| CVE-2013-6441 | The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init,... | 7.2 - HIGH | 2014-02-14 | 2014-02-18 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Linuxcontainers | Lxc | 4.0.5 | All | All | All |
| Application | Linuxcontainers | Lxc | 4.0.4 | All | All | All |
| Application | Linuxcontainers | Lxc | 4.0.3 | All | All | All |
| Application | Linuxcontainers | Lxc | 4.0.2 | All | All | All |
| Application | Linuxcontainers | Lxc | 4.0.1 | All | All | All |
| Application | Linuxcontainers | Lxc | 4.0.0 | All | All | All |
| Application | Linuxcontainers | Lxc | 3.2.1 | All | All | All |
| Application | Linuxcontainers | Lxc | 3.2.0 | All | All | All |
| Application | Linuxcontainers | Lxc | 3.1.0 | All | All | All |
| Application | Linuxcontainers | Lxc | 3.0.3 | All | All | All |
| Application | Linuxcontainers | Lxc | 3.0.2 | All | All | All |
| Application | Linuxcontainers | Lxc | 3.0.1 | All | All | All |
| Application | Linuxcontainers | Lxc | 3.0.0 | beta4 | All | All |
| Application | Linuxcontainers | Lxc | 3.0.0 | beta3 | All | All |
| Application | Linuxcontainers | Lxc | 3.0.0 | beta2 | All | All |
| Application | Linuxcontainers | Lxc | 3.0.0 | beta1 | All | All |
| Application | Linuxcontainers | Lxc | 3.0.0 | All | All | All |
| Application | Linuxcontainers | Lxc | 2.1.1 | All | All | All |
| Application | Linuxcontainers | Lxc | 2.1.0 | All | All | All |
| Application | Linuxcontainers | Lxc | 2.0.9 | All | All | All |