6 matches found
incus-6.14-1.1 on GA media (moderate)
incus-6.14-1.1 on GA media Announcement ID: openSUSE-SU-2025:15317-1 Rating: moderate Cross-References: CVE-2025-52889 CVE-2025-52890 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed in the...
CVE-2025-52890
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...
CVE-2025-52890 Incus vulnerable to antispoofing nftables firewall rule bypass on bridge networks with ACLs
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...
CVE-2025-52890
Incus CVE-2025-52890 affects the Incus system container/VM manager; versions 6.12 and 6.13 generate nftables rules when an ACL is used on a bridge-connected device, which partially bypasses security.mac_filtering, security.ipv4_filtering and security.ipv6_filtering. This can enable ARP spoofing o...
CVE-2025-52890
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...
CVE-2025-52890
creationtimestamp| type| source ---|---|--- 2025-06-25 14:13:03+00:00| published-proof-of-concept| https://github.com/lxc/incus/security/advisories/GHSA-p7fw-vjjm-2rwp 2025-06-25 18:06:28+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19497 2025-06-25 20:39:50+00:00| see...