9 matches found

Redos
added 2026/05/12 12:0 a.m., 7 views

ROS-20260512-73-0006

A vulnerability in the Incus container management system and virtual machine manager is related to incorrect directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...

CVSS 8.7, AI score 7.6, EPSS 0.00061
Exploits: 1
Redos
added 2026/05/12 12:0 a.m., 8 views

ROS-20260512-73-0007

A vulnerability in the Incus container management system and virtual machine manager is related to failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...

CVSS 8.7, AI score 7.6, EPSS 0.00032
Exploits: 1
Redos
added 2026/04/20 12:0 a.m., 3 views

ROS-20260420-73-0033

A vulnerability in the Incus container management system and virtual machine manager is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

CVSS 8.6, AI score 5.7, EPSS 0.00027
Exploits: 1
Vulnrichment
added 2026/03/26 11:27 p.m., 2 views

CVE-2026-33945 Arbitrary file write through systemd-creds option

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

CVSS 9.9, AI score 6, EPSS 0.0003
Exploits: 0, References: 1
CVE
added 2026/01/22 9:39 p.m., 9 views

CVE-2026-23953

Incus CVE-2026-23953 affects versions 6.20.0 and earlier. A user able to launch a container with a crafted YAML can inject newlines via an environment variable, enabling additional lxc.conf items and potentially arbitrary command execution on the host. Exploitation requires modifying the payload ...

CVSS 8.7, AI score 6, EPSS 0.00032
Exploits: 1, References: 4, Affected Software: 1
Cvelist
added 2026/01/22 9:39 p.m., 14 views

CVE-2026-23953 Incus container environment configuration newline injection

Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration (e.g. a member of the ‘incus’ group) can create an environment variable containing newlines, which can be used to add additional...

CVSS 8.7, EPSS 0.00032
Exploits: 1, References: 4
Github Security Blog
added 2026/01/22 8:21 p.m., 7 views

Incus container environment configuration newline injection

Summary: A user with the ability to launch a container with a custom YAML configuration (e.g. a member of the ‘incus’ group) can create an environment variable containing newlines, which can be used to add additional configuration items in the container’s lxc.conf due to the newline injection. This c...

CVSS 8.7, AI score 5.9, EPSS 0.00032
Exploits: 1, References: 6, Affected Software: 1
Fedora
added 2025/05/07 3:23 a.m., 14 views

[SECURITY] Fedora 42 Update: incus-6.12-1.fc42

Container hypervisor based on LXC. Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

CVSS 8.7, AI score 7.2, EPSS 0.00607
Exploits: 2
Fedora
added 2024/12/27 1:24 a.m., 10 views

[SECURITY] Fedora 41 Update: incus-6.8-1.fc41

Container hypervisor based on LXC. Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

CVSS 9.1, AI score 9.5, EPSS 0.32338
Exploits: 2