2 matches found
MGASA-2017-0167 Updated lxc packages fix security vulnerabilities
Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container CVE-2016-8649. Jann Horn discovered that LXC incorrectly verified permissions when creating virtual network interfaces. A...
MGASA-2015-0304 Updated lxc package fixes security vulnerability
Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user CVE-2015-1331. Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor...