|
|
Subscribe / Log in / New account

Ubuntu alert USN-2809-1 (lxd)



From:
    	      Marc Deslauriers <marc.deslauriers@canonical.com> 


To:
    	      ubuntu-security-announce@lists.ubuntu.com 


Subject:
    	      [USN-2809-1] LXD vulnerability 


Date:
    	      Thu, 12 Nov 2015 13:02:45 -0500


Message-ID:
    	      <5644D445.8010402@canonical.com>


==========================================================================
Ubuntu Security Notice USN-2809-1
November 12, 2015

lxd vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10

Summary:

LXD could be made to run programs as an administrator.

Software Description:
- lxd: Container hypervisor based on LXC

Details:

Jeroen Simonetti discovered that LXD incorrectly set socket permissions. A
local attacker could use this issue to escalate privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
  lxd                             0.20-0ubuntu4.1

In general, a standard system update will make all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-2809-1

  https://launchpad.net/bugs/1515689


Package Information:
  https://launchpad.net/ubuntu/+source/lxd/0.20-0ubuntu4.1



-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds