Lucene search
K

4 matches found

UbuntuCve
UbuntuCve
added 2019/04/22 4:29 p.m.45 views

CVE-2015-1340

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice...

8.1CVSS7.1AI score0.00896EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/04/22 3:35 p.m.31 views

CVE-2015-1340

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice...

8.1CVSS7.4AI score0.00896EPSS
Exploits0
CVE
CVE
added 2019/04/22 3:35 p.m.49 views

CVE-2015-1340

CVE-2015-1340 describes a TOCTOU race in LXD’s container path handling: an unsafe chmod in doUidshiftIntoContainer() that races with Filepath.Walk(), allowing a symlink created in the window to let an attacker set arbitrary file modes. Affected: LXD prior to 0.19-0ubuntu5. Impact: potential modif...

8.1CVSS7.3AI score0.00896EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/04/22 3:35 p.m.35 views

CVE-2015-1340 chmod race in doUidshiftIntoContainer

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice...

7CVSS8AI score0.00896EPSS
Exploits0References1
Rows per page
Query Builder