Lucene search
K

16 matches found

Prion
Prion
added 2023/01/01 6:15 a.m.48 views

Path traversal

lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates...

1.7CVSS3.5AI score0.00702EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/06/03 12:0 a.m.68 views

openSUSE Security Update : lxc / lxcfs (openSUSE-2019-1481)

This update for lxc, lxcfs to version 3.1.0 fixes the following issues : Security issues fixed : - CVE-2019-5736: Fixed a container breakout vulnerability boo1122185. - CVE-2018-6556: Enable setuid bit on lxc-user-nic boo988348. Non-security issues fixed : - Update to LXC 3.1.0. The changelog is...

9.3CVSS6.9AI score0.9857EPSS
Exploits34References13
OpenVAS
OpenVAS
added 2019/06/02 12:0 a.m.73 views

openSUSE: Security Advisory for lxc, lxcfs (openSUSE-SU-2019:1481-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS7.8AI score0.9857EPSS
Exploits34References2
OPENSUSE Linux
OPENSUSE Linux
added 2019/05/31 12:0 a.m.362 views

Security update for lxc, lxcfs (important)

openSUSE Security Update: Security update for lxc, lxcfs Announcement ID: openSUSE-SU-2019:1481-1 Rating: important References: 1036360 1099239 1122185 1131762 988348 998326 Cross-References: CVE-2015-1331 CVE-2015-1334 CVE-2015-1335 CVE-2017-5985 CVE-2018-6556 CVE-2019-5736 Affected Products:...

9.3CVSS6.9AI score0.9857EPSS
Exploits34References6
Tenable Nessus
Tenable Nessus
added 2019/04/26 12:0 a.m.28 views

openSUSE Security Update : lxc / lxcfs (openSUSE-2019-1275)

This update for lxc, lxcfs to version 3.1.0 fixes the following issues : Security issues fixed : - CVE-2019-5736: Fixed a container breakout vulnerability boo1122185. - CVE-2018-6556: Enable setuid bit on lxc-user-nic boo988348. Non-security issues fixed : - Update to LXC 3.1.0. The changelog is...

9.3CVSS6.9AI score0.9857EPSS
Exploits33References6
OpenVAS
OpenVAS
added 2019/04/26 12:0 a.m.28 views

openSUSE: Security Advisory for lxc, lxcfs (openSUSE-SU-2019:1275-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS7.8AI score0.9857EPSS
Exploits33References2
OSV
OSV
added 2019/04/18 8:19 a.m.4 views

OPENSUSE-SU-2019:1230-1 Security update for lxc

This update for lxc fixes the following issues: The following security vulnerability was fixed: - CVE-2018-6556: Fixed an information leak and possible open side effects to regular users via lxc-user-nic boo988348 This update was imported from the openSUSE:Leap:15.0:Update update project...

3.3CVSS5AI score0.00347EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.32 views

openSUSE Security Update : lxc (openSUSE-2019-596)

This update for lxc fixes the following issues : The following security vulnerability was fixed : - CVE-2018-6556: Fixed an information leak and possible open side effects to regular users via lxc-user-nic boo988348 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

3.3CVSS5.4AI score0.00347EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.24 views

openSUSE: Security Advisory for lxc (openSUSE-SU-2018:2316-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

3.3CVSS4.4AI score0.00347EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/08/15 12:0 a.m.31 views

openSUSE Security Update : lxc (openSUSE-2018-865)

This update for lxc fixes the following issues : The following security vulnerability was fixed : - CVE-2018-6556: Fixed an information leak and possible open side effects to regular users via lxc-user-nic boo988348 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

3.3CVSS5.4AI score0.00347EPSS
Exploits0References2
NVD
NVD
added 2018/08/10 3:29 p.m.19 views

CVE-2018-6556

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a...

3.3CVSS4AI score0.00347EPSS
Exploits0References8
Cvelist
Cvelist
added 2018/08/10 3:0 p.m.38 views

CVE-2018-6556 The lxc-user-nic component of LXC allows unprivileged users to open arbitrary files

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a...

3.9AI score0.00347EPSS
Exploits0References8
AlpineLinux
AlpineLinux
added 2018/08/10 3:0 p.m.36 views

CVE-2018-6556

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a...

3.3CVSS4.1AI score0.00347EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/08/10 3:0 p.m.29 views

CVE-2018-6556

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a...

3.3CVSS3.6AI score0.00347EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2018/08/06 4:0 p.m.29 views

CVE-2018-6556

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a...

3.3CVSS5.9AI score0.00347EPSS
Exploits0References2
OSV
OSV
added 2018/08/06 4:0 p.m.7 views

UBUNTU-CVE-2018-6556

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a...

3.3CVSS5.8AI score0.00347EPSS
Exploits0References3
Rows per page
Query Builder