CVE-2015-1334

attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html
http://lists.opensuse.org/opensuse-updates/2015-07/msg00066.html
http://lists.opensuse.org/opensuse-updates/2015-07/msg00067.html
http://www.debian.org/security/2015/dsa-3317
http://www.securityfocus.com/bid/75998
http://www.ubuntu.com/usn/USN-2675-1
https://github.com/lxc/lxc/commit/5c3fcae78b63ac9dd56e36075903921bd9461f9e
https://service.ait.ac.at/security/2015/LxcSecurityAnalysis.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html
http://lists.opensuse.org/opensuse-updates/2015-07/msg00066.html
http://lists.opensuse.org/opensuse-updates/2015-07/msg00067.html
http://www.debian.org/security/2015/dsa-3317
http://www.securityfocus.com/bid/75998
http://www.ubuntu.com/usn/USN-2675-1
https://github.com/lxc/lxc/commit/5c3fcae78b63ac9dd56e36075903921bd9461f9e
https://service.ait.ac.at/security/2015/LxcSecurityAnalysis.html

Configurations

Configuration 1 (hide)

cpe:2.3:a:linuxcontainers:lxc:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:25

Type	Values Removed	Values Added
References	~~() http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html -
References	~~() http://lists.opensuse.org/opensuse-updates/2015-07/msg00066.html -~~	() http://lists.opensuse.org/opensuse-updates/2015-07/msg00066.html -
References	~~() http://lists.opensuse.org/opensuse-updates/2015-07/msg00067.html -~~	() http://lists.opensuse.org/opensuse-updates/2015-07/msg00067.html -
References	~~() http://www.debian.org/security/2015/dsa-3317 -~~	() http://www.debian.org/security/2015/dsa-3317 -
References	~~() http://www.securityfocus.com/bid/75998 -~~	() http://www.securityfocus.com/bid/75998 -
References	~~() http://www.ubuntu.com/usn/USN-2675-1 -~~	() http://www.ubuntu.com/usn/USN-2675-1 -
References	~~() https://github.com/lxc/lxc/commit/5c3fcae78b63ac9dd56e36075903921bd9461f9e -~~	() https://github.com/lxc/lxc/commit/5c3fcae78b63ac9dd56e36075903921bd9461f9e -
References	~~() https://service.ait.ac.at/security/2015/LxcSecurityAnalysis.html -~~	() https://service.ait.ac.at/security/2015/LxcSecurityAnalysis.html -

Information

Published : 2015-08-12 14:59

Updated : 2024-11-21 02:25

NVD link : CVE-2015-1334

Mitre link : CVE-2015-1334

CVE.ORG link : CVE-2015-1334

JSON object : View

Products Affected

linuxcontainers

CWE

CWE-17

DEPRECATED: Code

4.6 /10