CVE-2026-39402

lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...

SUSE-SU-2023:2356-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2023-2700: Fixed a memory leak that could be triggered by repeatedly querying an SR-IOV PCI device's capabilities bsc1211390. Non-security fixes: - Fixed a potential crash during driver cleanup bsc1209861. - Added Apparmor support for SUSE...

SUSE CVE-2015-1334

attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted 1 AppArmor profile or 2 SELinux label...

SUSE CVE-2016-3096

The createscript function in the lxccontainer module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on 1 /opt/.lxc-attach-script, 2 the archived container in the archivepath directory, or the 3...

CVE-2020-8933 Priviged Escalation in Google Cloud Platform's Guest-OSLogin

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

CVE-2020-8933

Removed by vendor...

PT-2020-3712 · Google +1 · Google Cloud +1

Name of the Vulnerable Software and Affected Versions: Google Cloud OS guest-oslogin versions 20190304 through 20200507 Description: The issue is related to incorrect default permission settings in the guest-oslogin feature of Google Cloud OS. This allows an attacker to escalate privileges to roo...

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2019-1118)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-18509

An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inetcsklistenstop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue...

EulerOS 2.0 SP3 : libvirt (EulerOS-SA-2019-1314)

According to the version of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intende...

Medium: libvirt

Issue Overview: util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.CVE-2018-6764 Affected Packages: libvirt Note:...

EulerOS Virtualization 2.5.1 : libvirt (EulerOS-SA-2018-1253)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An incomplete fix for CVE-2018-5748 that affects QEMU monitor leading to a resource exhaustion but now also triggered via QEMU...

Updated libvirt packages fix security vulnerabilities

Updated libvirt packages fix security vulnerabilities: In virsh, the hostname could crafted maliciously with ssh arguments, which would be passed to ssh bsc1053600. The defaulttlsx509verify and related parameters in qemu.conf control whether the TLS servers in QEMU request & verify certificates...

CVE-2018-6764

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module...

CVE-2018-6764

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module...

CVE-2018-6764

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module...

CVE-2018-6764

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module...

DEBIAN-CVE-2016-3096

The createscript function in the lxccontainer module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on 1 /opt/.lxc-attach-script, 2 the archived container in the archivepath directory, or the 3...

PYSEC-2016-1

The createscript function in the lxccontainer module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on 1 /opt/.lxc-attach-script, 2 the archived container in the archivepath directory, or the 3...

UBUNTU-CVE-2016-3096

The createscript function in the lxccontainer module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on 1 /opt/.lxc-attach-script, 2 the archived container in the archivepath directory, or the 3...