Known Vulnerabilities for products from Linuxcontainers
Listed below are 18 of the newest known vulnerabilities associated with the vendor "Linuxcontainers".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33945 | Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in ... | Not Provided | 2026-03-27 | 2026-04-01 |
| CVE-2026-33898 | Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server spawned by `incus webui` inc... | Not Provided | 2026-03-27 | 2026-04-01 |
| CVE-2026-33897 | Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to caus... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33743 | Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup c... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33711 | Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33542 | Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerpri... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2019-5736 | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary... | 8.6 - HIGH | 2019-02-11 | 2024-02-02 |
| CVE-2018-6556 | lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be u... | 3.3 - LOW | 2018-08-10 | 2019-05-31 |
| CVE-2017-18641 | In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to... | 8.1 - HIGH | 2020-02-10 | 2020-02-12 |
| CVE-2017-5985 | lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the h... | 3.3 - LOW | 2017-03-14 | 2019-10-03 |
| CVE-2016-10124 | An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv ses... | 8.6 - HIGH | 2017-01-09 | 2017-11-13 |
| CVE-2016-8649 | lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherite... | 9.1 - CRITICAL | 2017-05-01 | 2018-10-26 |
| CVE-2015-1340 | LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the File... | 8.1 - HIGH | 2019-04-22 | 2019-10-09 |
| CVE-2015-1335 | lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via... | 7.2 - HIGH | 2015-10-01 | 2019-05-31 |
| CVE-2015-1334 | attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppAr... | 4.6 - MEDIUM | 2015-08-12 | 2019-05-31 |
| CVE-2015-1331 | lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*. | 4.9 - MEDIUM | 2015-08-12 | 2019-05-31 |
| CVE-2014-1425 | cmanager 0.32 does not properly enforce nesting when modifying cgroup properties, which allows local users to set cgroup valu... | 2.1 - LOW | 2015-01-07 | 2015-01-08 |
| CVE-2013-6441 | The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init,... | 7.2 - HIGH | 2014-02-14 | 2014-02-18 |