Lucene search
K

16 matches found

NVD
NVD
added 2015/08/12 2:59 p.m.14 views

CVE-2015-1334

attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted 1 AppArmor profile or 2 SELinux label...

4.6CVSS8.2AI score0.0037EPSS
Exploits0References8
OSV
OSV
added 2015/08/12 2:59 p.m.10 views

CVE-2015-1334

attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted 1 AppArmor profile or 2 SELinux label...

6AI score
Exploits0References8
CVE
CVE
added 2015/08/12 2:0 p.m.146 views

CVE-2015-1334

CVE-2015-1334 affects LXC 1.1.2 and earlier. The issue arises in attach.c where a container uses the proc filesystem; a local attacker can mount a /proc with a crafted AppArmor profile or SELinux label to escape confinement. This enables potential bypass of AppArmor/SELinux restrictions by local ...

4.6CVSS8AI score0.0037EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/08/11 12:0 a.m.20 views

Fedora 22 : lxc-1.1.2-2.fc22 (2015-12647)

Security fix for CVE-2015-1331, CVE-2015-1334. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

4.9CVSS5.5AI score0.00459EPSS
Exploits1References5
Mageia
Mageia
added 2015/08/07 7:20 p.m.32 views

Updated lxc package fixes security vulnerability

Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user CVE-2015-1331. Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor...

4.9CVSS8.4AI score0.00459EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/08/03 12:0 a.m.20 views

Oracle Linux 6 / 7 : lxc (ELSA-2015-3065)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3065 advisory. - Orabug 21533491 CVE-2015-1334: Don't use the container's /proc during attach Tenable has extracted the preceding description block directly from...

4.9CVSS5.7AI score0.00459EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2015/07/31 12:0 a.m.36 views

lxc security update

1.0.7-2.0.7 - Orabug 21533491 CVE-2015-1334: Don't use the container's /proc during attach 1.0.7-2.0.6 - Orabug 21526922 CVE-2015-1331: LXCLOCK: USE /RUN/LXC/LOCK RATHER THAN /RUN/LOCK/LXC...

4.9CVSS1.1AI score0.00459EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/07/31 12:0 a.m.23 views

openSUSE Security Update : lxc (openSUSE-2015-523)

lxc was updated to fix two security issues. The following vulnerabilities were fixed : - CVE-2015-1331: directory traversal flaw allowing arbitrary file creation as the root user bnc938522 - CVE-2015-1334: AppArmor or SELinux confinement escape via fake /proc bnc938523 %NASLMINLEVEL 70300 C Tenab...

4.9CVSS5.8AI score0.00459EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/07/31 12:0 a.m.28 views

openSUSE Security Update : lxc (openSUSE-2015-524)

lxc was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-1334: AppArmor or SELinux confinement escape via fake /proc bnc938523 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

4.6CVSS5.4AI score0.0037EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/07/27 12:0 a.m.24 views

Debian DSA-3317-1 : lxc - security update

Several vulnerabilities have been discovered in LXC, the Linux Containers userspace tools. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-1331 Roman Fiedler discovered a directory traversal flaw in LXC when creating lock files. A local attacker cou...

4.9CVSS5.8AI score0.00459EPSS
Exploits1References7
Debian
Debian
added 2015/07/25 2:54 p.m.25 views

[SECURITY] [DSA 3317-1] lxc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3317-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2015 https://www.debian.org/security/faq -...

4.9CVSS2.4AI score0.00459EPSS
Exploits1
Debian
Debian
added 2015/07/25 2:54 p.m.24 views

[SECURITY] [DSA 3317-1] lxc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3317-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2015 https://www.debian.org/security/faq -...

4.9CVSS9AI score0.00459EPSS
Exploits1
OpenVAS
OpenVAS
added 2015/07/25 12:0 a.m.27 views

Debian Security Advisory DSA 3317-1 (lxc - security update)

Several vulnerabilities have been discovered in LXC, the Linux Containers userspace tools. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-1331 Roman Fiedler discovered a directory traversal flaw in LXC when creating lock files. A local attacker could...

4.9CVSS8.9AI score0.00459EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/07/23 12:0 a.m.25 views

Ubuntu 14.04 LTS : LXC vulnerabilities (USN-2675-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2675-1 advisory. Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrar...

4.9CVSS6AI score0.00459EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2015/07/22 3:1 p.m.45 views

USN-2675-1: LXC vulnerabilities

Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user. CVE-2015-1331 Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor...

4.9CVSS5.6AI score0.00459EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2015/07/22 2:0 p.m.21 views

CVE-2015-1334

attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted 1 AppArmor profile or 2 SELinux label...

4.6CVSS6.3AI score0.0037EPSS
Exploits0References2
Rows per page
Query Builder