UBUNTU-CVE-2016-10124

An issue was discovered in Linux Containers LXC before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the container...

Fedora 25 : lxc (2016-868350fe5a)

Update LXC to the latest stable version. See here for the list of changes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

USN-3136-1 lxc vulnerability

Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container...

USN-3136-1: LXC vulnerability

Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container...

Proxmox VE 34 - Insecure Hostname Checking Remote Command Execution

Proxmox VE 34 - Insecure Hostname Checking Remote Command Execution ===================================================================== Proxmox VE 3/4 Insecure Hostname Checking Remote Root Exploit, XSS, Privileges escalation =====================================================================...

Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit

Exploit for linux platform in category remote exploits ===================================================================== Proxmox VE 3/4 Insecure Hostname Checking Remote Root Exploit, XSS, Privileges escalation ===================================================================== Description...

Proxmox VE 3/4 - Insecure Hostname Checking Remote Command Execution

===================================================================== Proxmox VE 3/4 Insecure Hostname Checking Remote Root Exploit, XSS, Privileges escalation ===================================================================== Description =========== Proxmox is a popular virtualization solutio...

Debian DSA-3400-1 : lxc - security update

Roman Fiedler discovered a directory traversal flaw in LXC, the Linux Containers userspace tools. A local attacker with access to a LXC container could exploit this flaw to run programs inside the container that are not confined by AppArmor or expose unintended files in the host to the container...

[SECURITY] [DSA 3400-1] lxc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3400-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 19, 2015 https://www.debian.org/security/faq -...

DSA-3400-1 lxc - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3400-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2753-3 lxc regression

USN-2753-1 fixed a vulnerability in LXC. The update caused a regression that prevented some containers from starting. This regression only affected containers that had a path that contained a '/./' directory specified as a bind mount target in their configuration file. This update fixes the...

LXC Elevation of Privilege Vulnerability

LXC LinuX Containers is a user-space interface to the Linux kernel's container functionality that makes it easy for Linux users to create and manage system or application containers with a powerful API and simple tools. An elevation of privilege vulnerability exists in LXC versions prior to 1.0.8...

USN-2753-2 lxc regression

USN-2753-1 fixed a vulnerability in LXC. The update caused a regression that prevented some containers from starting. This regression only affected containers that had an absolute path specified as a bind mount target in their configuration file. This update fixes the problem. We apologize for th...

LXC Code Injection Vulnerability

LXC LinuX Containers is a user-space interface to the Linux kernel's container functionality that makes it easy for Linux users to create and manage system or application containers through a powerful API and simple tools. A security vulnerability exists in the attach.c file in LXC 1.1.2 and...

DEBIAN-CVE-2015-1334

attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted 1 AppArmor profile or 2 SELinux label...

Debian DSA-3317-1 : lxc - security update

Several vulnerabilities have been discovered in LXC, the Linux Containers userspace tools. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-1331 Roman Fiedler discovered a directory traversal flaw in LXC when creating lock files. A local attacker cou...

Debian: Security Advisory (DSA-3317-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2675-1 lxc vulnerabilities

Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user. CVE-2015-1331 Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor...

[USN-2104-1] LXC vulnerability

========================================================================== Ubuntu Security Notice USN-2104-1 February 12, 2014 lxc vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...