CVE-2026-34178 Importing a crafted backup leads to project restriction bypass

In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An...

LXD 安全漏洞

LXD is a Canonical open-source container-based system for managing applications on Linux systems. Prior to LXD 6.8, there was a security vulnerability. This vulnerability stemmed from the backup import path only verifying the backup/index.yaml file in the backup archive, without performing projec...