CVE-2017-5985

Published: Mar 14, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[lxc-devel] 20170309 Security fix for CVE-2017-5985 (lxc-user-nic)

mailing-list

x_refsource_MLIST

https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9

x_refsource_CONFIRM

96777

vdb-entry

x_refsource_BID

https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1654676

x_refsource_CONFIRM

USN-3224-1

vendor-advisory

x_refsource_UBUNTU

[oss-security] 20170309 LXC: CVE-2017-5985: lxc-user-nic didn't verify network namespace ownership

mailing-list

x_refsource_MLIST

openSUSE-SU-2019:1481

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-5985

Description

Affected Products

References