Lucene search
K

6 matches found

EUVD
EUVD
added 2026/04/10 7:21 p.m.4 views

EUVD-2026-20872

LXD: VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf...

9.1CVSS5.8AI score0.00363EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/10 7:21 p.m.6 views

LXD: VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf

Summary The isVMLowLevelOptionForbidden function in lxd/project/limits/permissions.go is missing raw.apparmor and raw.qemu.conf from its hardcoded forbidden list. A user with canedit permission on a VM instance in a restricted project can combine these two omissions to bridge the LXD unix socket...

9.1CVSS6AI score0.00363EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/04/09 10:16 a.m.4 views

CVE-2026-34177

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden lxd/project/limits/permissions.go, which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote...

9.1CVSS0.00363EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/04/09 10:16 a.m.5 views

CVE-2026-34177

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden lxd/project/limits/permissions.go, which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote...

9.1CVSS5.8AI score0.00363EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/09 10:7 a.m.5 views

Incomplete List of Disallowed Inputs

Overview Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the isVMLowLevelOptionForbidden function in lxd/project/limits/permissions.go. An attacker can set forbidden low-level VM configuration keys, such as raw.apparmor or raw.qemu.conf in a project th...

9.1CVSS5.4AI score0.00363EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/09 9:15 a.m.24 views

CVE-2026-34177 VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden lxd/project/limits/permissions.go, which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote...

9.1CVSS0.00363EPSS
Exploits0References2
Rows per page
Query Builder