LXCFS before 0.12 does not properly enforce directory escapes, which might allow local users to gain privileges by (1) querying or (2) updating a cgroup.
References
Configurations
History
No history.
Information
Published : 2015-12-07 20:59
Updated : 2024-02-28 15:21
NVD link : CVE-2015-1342
Mitre link : CVE-2015-1342
CVE.ORG link : CVE-2015-1342
JSON object : View
Products Affected
canonical
- lxcfs
- ubuntu_linux
CWE
CWE-264
Permissions, Privileges, and Access Controls