Known Vulnerabilities for products from Linuxcontainers
Listed below are 19 of the newest known vulnerabilities associated with the vendor "Linuxcontainers".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33945 json | Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in ... | Not Provided | 2026-03-27 | 2026-04-01 |
| CVE-2026-33898 json | Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server spawned by `incus webui` inc... | Not Provided | 2026-03-27 | 2026-04-01 |
| CVE-2026-33897 json | Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to caus... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33743 json | Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup c... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33711 json | Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33542 json | Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerpri... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2022-47952 json | lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even ... | 3.3 - LOW | 2023-01-01 | 2023-08-21 |
| CVE-2019-5736 json | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary... | 8.6 - HIGH | 2019-02-11 | 2024-02-02 |
| CVE-2018-6556 json | lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be u... | 3.3 - LOW | 2018-08-10 | 2019-05-31 |
| CVE-2017-18641 json | In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to... | 8.1 - HIGH | 2020-02-10 | 2020-02-12 |
| CVE-2017-5985 json | lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the h... | 3.3 - LOW | 2017-03-14 | 2019-10-03 |
| CVE-2016-10124 json | An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv ses... | 8.6 - HIGH | 2017-01-09 | 2017-11-13 |
| CVE-2016-8649 json | lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherite... | 9.1 - CRITICAL | 2017-05-01 | 2018-10-26 |
| CVE-2015-1340 json | LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the File... | 8.1 - HIGH | 2019-04-22 | 2019-10-09 |
| CVE-2015-1335 json | lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via... | 7.2 - HIGH | 2015-10-01 | 2019-05-31 |
| CVE-2015-1334 json | attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppAr... | 4.6 - MEDIUM | 2015-08-12 | 2019-05-31 |
| CVE-2015-1331 json | lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*. | 4.9 - MEDIUM | 2015-08-12 | 2019-05-31 |
| CVE-2014-1425 json | cmanager 0.32 does not properly enforce nesting when modifying cgroup properties, which allows local users to set cgroup valu... | 2.1 - LOW | 2015-01-07 | 2015-01-08 |
| CVE-2013-6441 json | The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init,... | 7.2 - HIGH | 2014-02-14 | 2014-02-18 |