IDCVSSSummaryLast (major) updatePublished
CVE-2019-5736 9.3
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types
11-02-2019 - 14:29 11-02-2019 - 14:29
CVE-2018-6556 2.1
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also
10-08-2018 - 11:29 10-08-2018 - 11:29
CVE-2016-10124 5.0
An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowin
01-05-2017 - 21:59 09-01-2017 - 03:59
CVE-2017-5985 2.1
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.
30-03-2017 - 10:30 14-03-2017 - 13:59
CVE-2015-1335 7.2
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
07-12-2016 - 22:07 01-10-2015 - 16:59
CVE-2015-1334 4.6
attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.
28-11-2016 - 14:18 12-08-2015 - 10:59
CVE-2015-1331 4.9
lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
28-11-2016 - 14:18 12-08-2015 - 10:59
CVE-2013-6441 7.2
The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.
18-02-2014 - 10:43 14-02-2014 - 10:55
Back to Top Mark selected
Back to Top