PT-2026-28560

Name of the Vulnerable Software and Affected Versions Incus versions prior to 6.23.0 Description Incus, a system container and virtual machine manager, allows instance template files to be used to perform arbitrary read and write operations as root on the host server. The software utilizes pongo2...

PT-2026-4281

Name of the Vulnerable Software and Affected Versions Incus versions 6.20.0 and below Description Incus is a system container and virtual machine manager. A user with the ability to launch a container with a custom YAML configuration can create an environment variable containing newlines. This ca...

PT-2026-28494

Name of the Vulnerable Software and Affected Versions Incus versions prior to 6.23.0 Description Incus lacks validation of the image fingerprint when downloading from simplestreams image servers. This can lead to image cache poisoning, potentially allowing an attacker to provide a compromised ima...

PT-2026-4295

Name of the Vulnerable Software and Affected Versions Incus versions 6.21.0 and below IncusOS affected versions not specified Description Incus is a system container and virtual machine manager. A flaw exists where a user capable of launching containers with custom images e.g., a member of the...

ROS-20251216-7352

Vulnerability in incus related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

GO-2025-4115 Incus vulnerable to local privilege escalation through custom storage volumes in github.com/lxc/incus

Incus vulnerable to local privilege escalation through custom storage volumes in github.com/lxc/incus...

Incus vulnerable to local privilege escalation through custom storage volumes

Impact This affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true as well as access to the host as an unprivileged user. The most common case for this would ...

EUVD-2025-50816

Incus vulnerable to local privilege escalation through custom storage volumes...

GHSA-56MX-8G9F-5CRF Incus vulnerable to local privilege escalation through custom storage volumes

Impact This affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true as well as access to the host as an unprivileged user. The most common case for this would ...

SUSE CVE-2025-64507

Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...

CVE-2025-64507

An issue in Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true as well as access to the host as an unprivileged user. The most common case for this would be systems...

Debian: Security Advisory (DSA-6051-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-64507

Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...

UBUNTU-CVE-2025-64507

Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...

CVE-2025-64507 Incus vulnerable to local privilege escalation through custom storage volumes

Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...

CVE-2025-64507 Incus vulnerable to local privilege escalation through custom storage volumes

Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...

CVE-2025-64507

Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...

CVE-2025-64507

CVE-2025-64507 affects Incus/LXD: in versions prior to 6.0.6 and 6.19.0 an unprivileged user who can access a container and a host with a custom storage volume that has security.shifted=true may create a setuid binary inside the container and execute it on the host to gain root. The issue require...

[BSA-126] Security Update for incus

Mathias Gibbens uploaded new packages for incus which fixed the following security problems: CVE ID : CVE-2025-64507 It was discovered that Incus, a system container and virtual machine manager, is prone to a local privilege escalation vulnerability if unprivileged users are allowed access to Inc...

[SECURITY] [DSA 6051-1] incus security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6051-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 10, 2025 https://www.debian.org/security/faq -...