Ubuntu 2675-1: LXC vulnerabilities

    Date22 Jul 2015
    CategoryUbuntu
    47
    Posted ByLinuxSecurity Advisories
    Several security issues were fixed in LXC.
    ==========================================================================
    Ubuntu Security Notice USN-2675-1
    July 22, 2015
    
    lxc vulnerabilities
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 15.04
    - Ubuntu 14.10
    - Ubuntu 14.04 LTS
    
    Summary:
    
    Several security issues were fixed in LXC.
    
    Software Description:
    - lxc: Linux Containers userspace tools
    
    Details:
    
    Roman Fiedler discovered that LXC had a directory traversal flaw when creating
    lock files. A local attacker could exploit this flaw to create an arbitrary
    file as the root user. (CVE-2015-1331)
    
    Roman Fiedler discovered that LXC incorrectly trusted the container's proc
    filesystem to set up AppArmor profile changes and SELinux domain transitions. A
    local attacker could exploit this flaw to run programs inside the container
    that are not confined by AppArmor or SELinux. (CVE-2015-1334)
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 15.04:
      liblxc1                         1.1.2-0ubuntu3.1
      lxc                             1.1.2-0ubuntu3.1
    
    Ubuntu 14.10:
      liblxc1                         1.1.0~alpha2-0ubuntu3.3
      lxc                             1.1.0~alpha2-0ubuntu3.3
    
    Ubuntu 14.04 LTS:
      liblxc1                         1.0.7-0ubuntu0.2
      lxc                             1.0.7-0ubuntu0.2
    
    In general, a standard system update will make all the necessary changes. You
    will need to restart your previously running LXC containers in Ubuntu 15.04 due
    to bug that causes containers to be stopped on during lxc package installation
    (https://launchpad.net/bugs/1476691).
    
    References:
      http://www.ubuntu.com/usn/usn-2675-1
      CVE-2015-1331, CVE-2015-1334
    
    Package Information:
      https://launchpad.net/ubuntu/+source/lxc/1.1.2-0ubuntu3.1
      https://launchpad.net/ubuntu/+source/lxc/1.1.0~alpha2-0ubuntu3.3
      https://launchpad.net/ubuntu/+source/lxc/1.0.7-0ubuntu0.2
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"23","type":"x","order":"1","pct":56.1,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":12.2,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"13","type":"x","order":"3","pct":31.71,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.