CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:C/A:N
AI Score
Confidence
High
EPSS
Percentile
28.9%
Roman Fiedler discovered that LXC had a directory traversal flaw when creating
lock files. A local attacker could exploit this flaw to create an arbitrary
file as the root user. (CVE-2015-1331)
Roman Fiedler discovered that LXC incorrectly trusted the container’s proc
filesystem to set up AppArmor profile changes and SELinux domain transitions. A
local attacker could exploit this flaw to run programs inside the container
that are not confined by AppArmor or SELinux. (CVE-2015-1334)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 15.04 | noarch | liblxc1 | < 1.1.2-0ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | liblxc1-dbgsym | < 1.1.2-0ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | lua-lxc | < 1.1.2-0ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | lua-lxc-dbgsym | < 1.1.2-0ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | lxc | < 1.1.2-0ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | lxc-dbg | < 1.1.2-0ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | lxc-dbgsym | < 1.1.2-0ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | lxc-dev | < 1.1.2-0ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | lxc-dev-dbgsym | < 1.1.2-0ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | lxc-templates | < 1.1.2-0ubuntu3.1 | UNKNOWN |