7 matches found
[ASA-201705-17] lxc: insufficient validation
Arch Linux Security Advisory ASA-201705-17 ========================================== Severity: Low Date : 2017-05-13 CVE-ID : CVE-2017-5985 Package : lxc Type : insufficient validation Remote : No Link : https://security.archlinux.org/AVG-204 Summary ======= The package lxc before version...
openSUSE Security Update : lxc (openSUSE-2017-463)
This update for lxc fixes the following issues : This security issue was fixed : CVE-2017-5985: lxc-user-nic allowed access to network namespace over which the caller did not hold privilege boo1028264. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
CVE-2017-5985
lxc-user-nic in Linux Containers LXC allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check...
CVE-2017-5985
lxc-user-nic in Linux Containers LXC allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check...
CVE-2017-5985
lxc-user-nic in Linux Containers LXC allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check...
CVE-2017-5985
CVE-2017-5985 affects LXC’s lxc-user-nic component, where missing netns ownership checks let a local user with a lxc-usernet allocation create host interfaces and pick their names. The issue is documented across multiple vendors and advisories (openSUSE, Mageia, Arch Linux) with fixes in updated ...
CVE-2017-5985
lxc-user-nic in Linux Containers LXC allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check...