CVE-2016-8649

Published: May 1, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.

Vendor	Product	Versions
n/a	LXC before 1.0.9 and 2.x before 2.0.6	affected `LXC before 1.0.9 and 2.x before 2.0.6`

References

https://bugzilla.redhat.com/show_bug.cgi?id=1398242

x_refsource_CONFIRM

https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1639345

x_refsource_CONFIRM

https://github.com/lxc/lxc/commit/81f466d05f2a89cb4f122ef7f593ff3f279b165c

x_refsource_CONFIRM

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845465

x_refsource_CONFIRM

https://security-tracker.debian.org/tracker/CVE-2016-8649

x_refsource_CONFIRM

94498

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-8649

Description

Affected Products

References