
313 matches found

CVE
added 2026/03/26 10:40 p.m., 8 views

CVE-2026-33743

Incus (system container/VM manager) prior to 6.23.0 is affected by a denial-of-service issue triggered by a specially crafted storage bucket backup. An authenticated user with access to Incus’ storage bucket feature can crash the Incus daemon; repeated use can keep the server offline and cause a ...

CVSS 6.5, AI score 5.8, EPSS 0.00385
Exploits: 1, References: 1, Affected Software: 1
OSV
added 2026/03/26 10:40 p.m., 3 views

CVE-2026-33743 Incus vulnerable to denial of service through crafted bucket backup file

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by a user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a...

CVSS 6.5, AI score 5.8, EPSS 0.00385
Exploits: 1, References: 3
Debian CVE
added 2026/03/26 10:37 p.m., 3 views

CVE-2026-33711

Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable...

CVSS 7.8, AI score 5.5, EPSS 0.0035
Exploits: 1
Vulnrichment
added 2026/03/26 10:37 p.m., 1 view

CVE-2026-33711 Incus vulnerable to local privilege escalation through VM screenshot path

Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable...

CVSS 5.7, AI score 6, EPSS 0.0035
Exploits: 1, References: 1
AlpineLinux
added 2026/03/26 10:37 p.m., 5 views

CVE-2026-33711

Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable...

CVSS 7.8, AI score 6, EPSS 0.0035
Exploits: 1, References: 1
Cvelist
added 2026/03/26 10:37 p.m., 23 views

CVE-2026-33711 Incus vulnerable to local privilege escalation through VM screenshot path

Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable...

CVSS 5.7, EPSS 0.0035
Exploits: 1, References: 1
ATTACKERKB
added 2026/03/26 10:37 p.m., 2 views

CVE-2026-33711

Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable...

CVSS 5.7, AI score 5.9, EPSS 0.0035
Exploits: 1, References: 2, Affected Software: 1
OSV
added 2026/03/26 10:37 p.m., 2 views

CVE-2026-33711 Incus vulnerable to local privilege escalation through VM screenshot path

Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable...

CVSS 5.7, AI score 6, EPSS 0.0035
Exploits: 1, References: 3
CVE
added 2026/03/26 10:37 p.m., 34 views

CVE-2026-33711

CVE-2026-33711 affects Incus: the VM VGA screenshot path uses a predictable /tmp file (incus_screenshot_). If an attacker has local access and kernel protected_symlinks is disabled, they can pre-place symlinks to point to host files, cause truncation and ownership changes via the QEMU screenshot ...

CVSS 7.8, AI score 5.9, EPSS 0.0035
Exploits: 1, References: 1, Affected Software: 1
Debian CVE
added 2026/03/26 10:32 p.m., 2 views

CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

CVSS 7.1, AI score 5.2, EPSS 0.0018
Exploits: 1
Cvelist
added 2026/03/26 10:32 p.m., 23 views

CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

CVSS 7.1, EPSS 0.0018
Exploits: 1, References: 1
Vulnrichment
added 2026/03/26 10:32 p.m., 0 views

CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

CVSS 7.1, AI score 5.8, EPSS 0.0018
Exploits: 1, References: 1
CVE
added 2026/03/26 10:32 p.m., 22 views

CVE-2026-33542

CVE-2026-33542 affects Incus, a system container and VM manager. Prior to version 6.23.0, there is a lack of validation of the image fingerprint when downloading from simplestreams image servers, which can lead to image cache poisoning and, under very narrow circumstances, exposure of other tenan...

CVSS 7.1, AI score 5.8, EPSS 0.0018
Exploits: 1, References: 1, Affected Software: 1
OSV
added 2026/03/26 10:32 p.m., 3 views

CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

CVSS 7.1, AI score 5.9, EPSS 0.0018
Exploits: 1, References: 3
CNNVD
added 2026/03/26 12:00 a.m., 6 views

Incus Security Vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.23.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of predictable temporary file paths, which could lead to denial-of-service attacks or local privilege escalati...

CVSS 7.8, AI score 5.8, EPSS 0.0035
Exploits: 1, References: 2
CNNVD
added 2026/03/26 12:00 a.m., 5 views

Incus Security Vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.23.0 contained security vulnerabilities. These vulnerabilities stemmed from the pongo2 template in instance template files, which bypassed the chroot isolation mechanism, potentially allowing...

CVSS 9.9, AI score 5.9, EPSS 0.00481
Exploits: 0, References: 2
CNNVD
added 2026/03/26 12:00 a.m., 5 views

Incus Security Vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.23.0 contained security vulnerabilities; these vulnerabilities stemmed from the exploitation of specially crafted bucket backups, which could lead to denial-of-service attacks...

CVSS 6.5, AI score 5.8, EPSS 0.00385
Exploits: 1, References: 2
CNNVD
added 2026/03/26 12:00 a.m., 6 views

Incus Trust Management Issue Vulnerability

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.23.0 had a vulnerability related to trust management. This vulnerability stemmed from the lack of image fingerprint verification during the download from the simplestreams image server, which...

CVSS 7.1, AI score 5.8, EPSS 0.0018
Exploits: 1, References: 2
Snyk
added 2026/03/16 4:26 p.m., 2 views

Insufficiently Protected Credentials

Overview: Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to insufficient policy enforcement in the Trusted Platform Module (TPM) during the disk decryption process. An attacker can gain unauthorized access to encrypted data by physically replacing the ro...

CVSS 7.6, AI score 5.9, EPSS 0.0014
Exploits: 0, References: 2
OPENSUSE Linux
added 2026/03/05 12:00 a.m., 2 views

incus-6.22-1.1 on GA media (moderate)

incus-6.22-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10280-1
Rating: moderate
Cross-References: CVE-2026-23953, CVE-2026-23954
Affected Products: openSUSE Tumbleweed
An update that solves 2 vulnerabilities can now be installed.
Description: These are all security issues fixed in the...

CVSS 8.7, AI score 5.9, EPSS 0.00731
Exploits: 2