Explore top 10 tips to secure your open-source projects now. Read More
×
LXC could be made to create arbitrary virtual network interfaces as an
administrator.
Software Description:
- lxc: Linux Containers userspace tools
Details:
Jann Horn discovered that LXC incorrectly verified permissions when creating
virtual network interfaces. A local attacker could possibly use this issue to
create virtual network interfaces in network namespaces that they do not own.
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.10: lxc-common 2.0.7-0ubuntu1~16.10.2 Ubuntu 16.04 LTS: lxc-common 2.0.7-0ubuntu1~16.04.2 Ubuntu 14.04 LTS: lxc 1.0.9-0ubuntu3 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-3224-1
CVE-2017-5985
Get the latest Linux and open source security news straight to your inbox.