Jump to:

CVE-2013-6441

Jump to:

CVE-2013-6441

Package lxc updated to version 1.0.4-alt1 for branch sisyphus in task 121519.

Published: 2014-02-14
Modified: 2024-11-21

CVE-2013-6441

The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.

Severity: HIGH (7.2)

References:

USN-2104-1
USN-2104-1
https://bugs.launchpad.net/ubuntu/%2Bsource/lxc/%2Bbug/1261045
https://bugs.launchpad.net/ubuntu/%2Bsource/lxc/%2Bbug/1261045
https://github.com/dotcloud/lxc/pull/1
https://github.com/dotcloud/lxc/pull/1
https://github.com/lxc/lxc/commit/f4d5cc8e1f39d132b61e110674528cac727ae0e2
https://github.com/lxc/lxc/commit/f4d5cc8e1f39d132b61e110674528cac727ae0e2

Version: 2.1.0

Package lxc update in sisyphus on 2014-06-15

ALT-PU-2014-1782-1

Closed vulnerabilities

CVE-2013-6441