ALT-PU-2015-1962-1
Closed vulnerabilities
Published: 2015-10-01
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-1335
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
Severity: HIGH (7.2)
References:
- FEDORA-2015-9f8f4b182a
- FEDORA-2015-9f8f4b182a
- FEDORA-2015-211974138f
- FEDORA-2015-211974138f
- FEDORA-2015-ebfe46536f
- FEDORA-2015-ebfe46536f
- openSUSE-SU-2019:1481
- openSUSE-SU-2019:1481
- openSUSE-SU-2015:1717
- openSUSE-SU-2015:1717
- DSA-3400
- DSA-3400
- [oss-security] 20150929 Security issue in LXC (CVE-2015-1335)
- [oss-security] 20150929 Security issue in LXC (CVE-2015-1335)
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- 76894
- 76894
- USN-2753-1
- USN-2753-1
- https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1476662
- https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1476662
- https://github.com/lxc/lxc/commit/592fd47a6245508b79fe6ac819fe6d3b2c1289be
- https://github.com/lxc/lxc/commit/592fd47a6245508b79fe6ac819fe6d3b2c1289be
- [lxc-devel] 20150929 LXC security issue - affects all supported releases
- [lxc-devel] 20150929 LXC security issue - affects all supported releases