CVE-2015-1335

CWE-5912 documents8 sources

Severity

7.2HIGH

EPSS

0.1%

top 70.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linuxcontainers LXC Canonical Ubuntu Linux

Timeline

PublishedOct 1

Latest updateMay 14

Description

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

▶NVDlinuxcontainers/lxc1.0.7+4

▶Debianlxc< 1:1.0.8-1+3

Also affects: Ubuntu Linux 14.04, 15.04

Patches

Patch: lists.linuxcontainers.org ↗Patch: lists.linuxcontainers.org ↗

🔴Vulnerability Details

GHSA

GHSA-6jr3-ph3x-8q66: lxc-start in lxc before 1↗2022-05-14

▶

CVEList

CVE-2015-1335: lxc-start in lxc before 1↗2015-10-01

▶

OSV

CVE-2015-1335: lxc-start in lxc before 1↗2015-10-01

▶

📋Vendor Advisories

Ubuntu

LXC vulnerability↗2015-09-29

▶

Red Hat

webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)↗2015-01-26

▶

Debian

CVE-2015-1335: lxc - lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container admi...↗2015

▶

💬Community

Bugzilla

CVE-2015-1335 lxc: Directory traversal flaw when lxc-start is initially setting up the mounts for a container↗2015-10-01

▶

Bugzilla

CVE-2015-1335 lxc: Directory traversal flaw when lxc-start is initially setting up the mounts for a container [fedora-all]↗2015-10-01

▶

Bugzilla

CVE-2015-1335 lxc: Directory traversal flaw when lxc-start is initially setting up the mounts for a container [epel-6]↗2015-10-01

▶

Bugzilla

CVE-2015-1335 lxc: Directory traversal flaw when lxc-start is initially setting up the mounts for a container [epel-7]↗2015-10-01

▶

Bugzilla

CVE-2014-1335 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)↗2015-01-27

▶