Lucene search
UbuntuUSN-2753-1HistorySep 29, 2015 - 12:00 a.m.
LXC vulnerability
2015-09-2900:00:00
ubuntu.com
50
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.4
Confidence
High
EPSS
0.001
Percentile
28.1%
Releases
- Ubuntu 15.04
- Ubuntu 14.04 ESM
Packages
- lxc - Linux Containers userspace tools
Details
Roman Fiedler discovered a directory traversal flaw in lxc-start. A local
attacker with access to an LXC container could exploit this flaw to run
programs inside the container that are not confined by AppArmor or expose
unintended files in the host to the container.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 15.04 | noarch | lxc | < 1.1.2-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 15.04 | noarch | liblxc1 | < 1.1.2-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 15.04 | noarch | liblxc1-dbgsym | < 1.1.2-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 15.04 | noarch | lua-lxc | < 1.1.2-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 15.04 | noarch | lua-lxc-dbgsym | < 1.1.2-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 15.04 | noarch | lxc-dbg | < 1.1.2-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 15.04 | noarch | lxc-dbgsym | < 1.1.2-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 15.04 | noarch | lxc-dev | < 1.1.2-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 15.04 | noarch | lxc-dev-dbgsym | < 1.1.2-0ubuntu3.2 | UNKNOWN |
| Ubuntu | 15.04 | noarch | lxc-templates | < 1.1.2-0ubuntu3.2 | UNKNOWN |
References
Related
openvas
openvas
Fedora Update for lxc FEDORA-2015-211974138
2015-11-12 00:00:00
Debian: Security Advisory (DSA-3400-1)
2015-11-18 00:00:00
Debian Security Advisory DSA 3400-1 (lxc - security update)
2015-11-19 00:00:00
oraclelinux
oraclelinux
lxc security update
2015-10-15 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: lxc-1.1.4-2.fc23
2015-11-01 02:55:00
[SECURITY] Fedora 22 Update: lxc-1.1.4-2.fc22
2015-11-12 00:22:27
[SECURITY] Fedora 21 Update: lxc-1.0.7-4.fc21
2015-11-12 00:49:49
debian
debian
[SECURITY] [DSA 3400-1] lxc security update
2015-11-19 19:55:59
[SECURITY] [DSA 3400-1] lxc security update
2015-11-19 19:55:59
[SECURITY] [DLA 442-1] lxc security update
2016-02-29 14:41:59
nessus
nessus
openSUSE Security Update : lxc (openSUSE-2015-648)
2015-10-12 00:00:00
Fedora 23 : lxc-1.1.4-2.fc23 (2015-9f8f4b182a)
2016-03-04 00:00:00
Oracle Linux 6 / 7 : lxc (ELSA-2015-3087)
2015-10-19 00:00:00
mageia
mageia
Updated lxc packages fix security vulnerability
2016-01-29 14:02:50
cve
cve
CVE-2015-1335
2015-10-01 20:59:00
cvelist
cvelist
CVE-2015-1335
2015-10-01 20:00:00
ubuntucve
ubuntucve
CVE-2015-1335
2015-09-29 00:00:00
debiancve
debiancve
CVE-2015-1335
2015-10-01 20:59:00
prion
prion
Code injection
2015-10-01 20:59:00
nvd
nvd
CVE-2015-1335
2015-10-01 20:59:00
osv
osv
lxc - security update
2016-02-29 00:00:00
liblxc-devel-2.0.4-2.1 on GA media
2024-06-15 00:00:00
securityvulns
securityvulns
LXC directory traversal
2015-07-27 00:00:00
suse
suse
Security update for lxc, lxcfs (important)
2019-05-31 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.4
Confidence
High
EPSS
0.001
Percentile
28.1%
Related for USN-2753-1