| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-5736 | 9.3 |
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types
|
02-02-2024 - 12:15 | 11-02-2019 - 19:29 | |
| CVE-2017-5985 | 2.1 |
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.
|
03-10-2019 - 00:03 | 14-03-2017 - 17:59 | |
| CVE-2018-6556 | 2.1 |
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also
|
31-05-2019 - 21:29 | 10-08-2018 - 15:29 | |
| CVE-2015-1335 | 7.2 |
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
|
31-05-2019 - 21:29 | 01-10-2015 - 20:59 | |
| CVE-2015-1334 | 4.6 |
attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.
|
31-05-2019 - 21:29 | 12-08-2015 - 14:59 | |
| CVE-2015-1331 | 4.9 |
lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
|
31-05-2019 - 21:29 | 12-08-2015 - 14:59 |