vzctl: insecure ploop-based containers
| Package(s): | vzctl |
CVE #(s): | CVE-2015-6927
|
| Created: | September 14, 2015 |
Updated: | January 11, 2017 |
| Description: |
From the Debian advisory:
It was discovered that vzctl, a set of control tools for the OpenVZ
server virtualization solution, determined the storage layout of
containers based on the presence of an XML file inside the container.
An attacker with local root privileges in a simfs-based container
could gain control over ploop-based containers. Further information on
the prerequites of such an attack can be found at
https://src.openvz.org/projects/OVZL/repos/vzctl/commits/... |
| Alerts: |
|
