Canonical Lxd vulnerabilities

CVE-2024-6219 [LOW] CWE-295 CVE-2024-6219: Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could b Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.

CVE-2023-49721 [MEDIUM] CWE-276 CVE-2023-49721: An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.

CVE-2023-48733 [MEDIUM] CWE-1188 CVE-2023-48733: An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.

CVE-2016-1581 [MEDIUM] CWE-284 CVE-2016-1581: LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop bas LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.

CVE-2016-1582 [MEDIUM] CWE-200 CVE-2016-1582: LXD before 2.0.2 does not properly set permissions when switching an unprivileged container into pri LXD before 2.0.2 does not properly set permissions when switching an unprivileged container into privileged mode, which allows local users to access arbitrary world readable paths in the container directory via unspecified vectors.