CVE-2016-8649

🗓️ 01 May 2017 06:08:00Reported by redhatType

lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls

Reporter	Title	Published	Views	Family All 31
CNVD	LXC Directory Traversal Vulnerability	29 Nov 201600:00	–	cnvd
Cvelist	CVE-2016-8649	1 May 201706:08	–	cvelist
Debian CVE	CVE-2016-8649	1 May 201706:08	–	debiancve
EUVD	EUVD-2016-9488	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 23 Update: lxc-2.0.6-2.fc23	14 Dec 201600:51	–	fedora
Fedora	[SECURITY] Fedora 24 Update: lxc-2.0.6-2.fc24	13 Dec 201622:54	–	fedora
Fedora	[SECURITY] Fedora 25 Update: lxc-2.0.6-2.fc25	13 Dec 201620:28	–	fedora
Tenable Nessus	Fedora 25 : lxc (2016-868350fe5a)	14 Dec 201600:00	–	nessus
Tenable Nessus	Fedora 24 : lxc (2016-b4dd1db1e7)	14 Dec 201600:00	–	nessus
Tenable Nessus	Fedora 23 : lxc (2016-e5ff0ed40c)	14 Dec 201600:00	–	nessus

NVD

Vulners

Node

linuxcontainers lxcRange<1.0.9

linuxcontainers lxcRange2.0.0–2.0.6

[
  {
    "product": "LXC before 1.0.9 and 2.x before 2.0.6",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "LXC before 1.0.9 and 2.x before 2.0.6"
      }
    ]
  }
]

Source	Link
github	www.github.com/lxc/lxc/commit/81f466d05f2a89cb4f122ef7f593ff3f279b165c
bugs	www.bugs.debian.org/cgi-bin/bugreport.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugs	www.bugs.launchpad.net/ubuntu/+source/lxc/+bug/1639345
securityfocus	www.securityfocus.com/bid/94498
security-tracker	www.security-tracker.debian.org/tracker/CVE-2016-8649

13 May 2026 00:24Current

8.9High risk

Vulners AI Score8.9

CVSS 29

CVSS 39.1

EPSS0.02154

CWE-264