Code injection

2015-11-1715:59:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors.

CPENameOperatorVersion
ubuntu_linuxeq15.10

CPE	Name	Operator	Version
	ubuntu_linux	eq	15.10

References

www.ubuntu.com/usn/USN-2809-1

bugs.launchpad.net/ubuntu/+source/lxd/+bug/1515689

github.com/lxc/lxd/issues/1307