Vulnerability in Linuxcontainers Lxc

CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.

EPSS: 0.001 (29.3th percentile) — read the EPSS interpretation.

Affected products

Linuxcontainers Lxc — versions 1.1.0, 1.1.1, 1.1.2
Canonical Ubuntu_linux — versions 14.04, 15.04
N/a — versions n/a

Weakness classification (CWE)

CWE-59 — Improper Link Resolution Before File Access

References

FEDORA-2015-9f8f4b182a (x_refsource_FEDORA, vendor-advisory)
[lxc-devel] 20150929 LXC security issue - affects all supported releases (Vendor Advisory, mailing-list, x_refsource_MLIST, Patch)
DSA-3400 (vendor-advisory, x_refsource_DEBIAN)
security@ubuntu.com (x_refsource_CONFIRM)
security@ubuntu.com (x_refsource_CONFIRM)
76894 (vdb-entry, x_refsource_BID)
security@ubuntu.com (x_refsource_CONFIRM)
[oss-security] 20150929 Security issue in LXC (CVE-2015-1335) (mailing-list, x_refsource_MLIST)
USN-2753-1 (x_refsource_UBUNTU, vendor-advisory)
FEDORA-2015-211974138f (x_refsource_FEDORA, vendor-advisory)