CVE-2025-52889 Incus vulnerable to DoS through antispoofing nftables firewall rule bypass on bridge networks with ACLs

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...

CVE-2025-52889

Incus (system container/VM manager) on versions 6.12–6.13 is vulnerable when an ACL on a bridge-connected device is used: nftables rules for local services can bypass security.mac_filtering, security.ipv4_filtering, and security.ipv6_filtering, enabling DHCP pool exhaustion and potential further ...

CVE-2025-52889 Incus vulnerable to DoS through antispoofing nftables firewall rule bypass on bridge networks with ACLs

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...

Incus 安全漏洞

Incus is an LXC open source system container and virtual machine manager. A security vulnerability exists in Incus versions 6.12 and 6.13, which stems from a partial bypass of security options in the nftables rule and could lead to ARP spoofing...

Incus 安全漏洞

Incus is an LXC open source system container and virtual machine manager. A security vulnerability exists in Incus versions 6.12 and 6.13, which stems from a partial bypass of security options in the nftables rule, and could lead to DHCP pool exhaustion...

PT-2025-26863

Name of the Vulnerable Software and Affected Versions: Incus versions 6.12 and 6.13 Description: Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, it generates nftables rules that partially bypass security options security.mac filtering,...

Fedora: Security Advisory (FEDORA-2024-0912cd3ad9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 41 Update: incus-6.12-1.fc41

Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

[SECURITY] Fedora 42 Update: incus-6.12-1.fc42

Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

Fedora 41 : incus (2025-5fce1e4f70)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5fce1e4f70 advisory. Rebase to Incus 6.12 to fix a variety of issues Tenable has extracted the preceding description block directly from the Fedora security advisory. No...

PT-2025-26862 · Incus · Incus

Name of the Vulnerable Software and Affected Versions: Incus versions 6.12 through 6.13 Description: Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, it generates nftables rules for local services, such as DHCP and DNS, that partially...

[SECURITY] Fedora 41 Update: incus-6.8-1.fc41

Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

Fedora 41 : incus (2024-0912cd3ad9)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-0912cd3ad9 advisory. Update to 6.8 to get various features and fixes Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...