Debian Incus vulnerabilities
23 known vulnerabilities affecting debian/incus.
Total CVEs: 23
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 7, MEDIUM 5, LOW 8
Vulnerabilities
Page 1 of 2
CVE-2026-28384 | CRITICAL | CVSS 9.4 | fixed in incus 6.0.6-1 (forky) | 2026 | debian
An improper sanitization of the compression_algorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup endpoints. This issue affected LXD from 4.12 through 6.6 and was fixed in the snap versions 5.0.6-e49d9f4 (channel 5.0/stable), 5.21.4-1374f39 (chan
CVE-2026-33945 | CRITICAL | CVSS 9.9 | fixed in incus 6.0.6-2 (forky) | 2026 | debian
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like `systemd.credential.../../../../../../root/.bashrc` to cause Incus to write outside
CVE-2026-33897 | CRITICAL | CVSS 9.9 | fixed in incus 6.0.6-2 (forky) | 2026 | debian
Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary read or writes as root on the host server. Incus allows for pongo2 templates within instances which can be used at various times in the instance lifecycle to template files inside of the instance. This particular implementation o
CVE-2026-23954 | HIGH | CVSS 8.7 | fixed in incus 6.0.5-8 (forky) | 2026 | debian
Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g. a member of the 'incus' group) to use directory traversal or symbolic links in the templating functionality to achieve host arbitrary file read, and host arbitrary file write. This ultimately results in arbitra
CVE-2026-23953 | HIGH | CVSS 8.7 | fixed in incus 6.0.5-8 (forky) | 2026 | debian
Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration (e.g. a member of the 'incus' group) can create an environment variable containing newlines, which can be used to add additional configuration items in the container's lxc.conf due to newline injection. Th
CVE-2026-33743 | MEDIUM | CVSS 6.5 | fixed in incus 6.0.6-2 (forky) | 2026 | debian
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by a user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a denial of service of the control plane API. This does not impact any run
CVE-2026-33542 | MEDIUM | CVSS 5.7 | fixed in incus 6.0.6-2 (forky) | 2026 | debian
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker controlled images rather than the expected one. Version 6.23.0 patches t
CVE-2026-33711 | LOW (headline tag: MEDIUM) | CVSS 4.7 | fixed in incus 6.0.6-2 (forky) | 2026 | debian
Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable paths under /tmp for this, an attacker with local access to the system
CVE-2026-3351 | LOW | CVSS 2.1 | 2026 | debian
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server.
Scope: local
forky: resolved
sid: resolved
trixie: resolved
CVE-2026-33898 | LOW (headline tag: HIGH) | CVSS 8.8 | 2026 | debian
Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server spawned by `incus webui` incorrectly validates the authentication token such that an invalid value will be accepted. `incus webui` runs a local web server on a random localhost port. For authentication, it provides the user with a URL containing an authentication token. Wh
CVE-2025-54287 | HIGH | CVSS 7.1 | fixed in incus 6.0.5-1 (forky) | 2025 | debian
Template Injection in instance snapshot creation component in Canonical LXD (>= 4.0) allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine.
Scope: local
forky: resolved (fixed in 6.0.5-1)
sid: resolved (fixed in 6.0.5-1)
trixie: resolved (f
CVE-2025-54289 | HIGH | CVSS 7.4 | fixed in incus 6.0.5-1 (forky) | 2025 | debian
Privilege Escalation in operations API in Canonical LXD <6.5 on multiple platforms allows attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking format
Scope: local
forky: resolved (fixed in 6.0.5-1)
sid: resolved (fixed in 6.0.5-1)
trixie: resolved (fixed in 6.0.4-2+deb13u1)
CVE-2025-54286 | HIGH | CVSS 7.5 | fixed in incus 6.0.5-1 (forky) | 2025 | debian
Cross-Site Request Forgery (CSRF) in LXD-UI in Canonical LXD versions >= 5.0 on Linux allows an attacker to create and start container instances without user consent via crafted HTML form submissions exploiting client certificate authentication.
Scope: local
forky: resolved (fixed in 6.0.5-1)
sid: resolved (fixed in 6.0.5-1)
trixie: resolved (fixed in 6.0.4-2+deb13u1)
CVE-2025-54293 | HIGH | CVSS 7.1 | fixed in incus 6.0.5-1 (forky) | 2025 | debian
Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links.
Scope: local
forky: resolved (fixed in 6.0.5-1)
sid: resolved (fixed in 6.0.5-1)
trixie: resolved (fixed in 6.0.4-2+deb13u1)
CVE-2025-64507 | HIGH | CVSS 8.6 | fixed in incus 6.0.5-4 (forky) | 2025 | debian
Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the `security.shifted` property set to `true` as well as access to the host as an unprivileged user. The most comm
CVE-2025-54288 | MEDIUM | CVSS 5.1 | fixed in incus 6.0.5-1 (forky) | 2025 | debian
Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the command line.
Scope: local
forky: resolved (fixed in 6.0.5-1)
sid: resol
CVE-2025-54291 | MEDIUM | CVSS 6.9 | fixed in incus 6.0.5-1 (forky) | 2025 | debian
Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses.
Scope: local
forky: resolved (fixed in 6.0.5-1)
sid: resolved (fixed in 6.0.5-1)
trixie: resolved (fixed in 6.0.4-2+deb13u1)
CVE-2025-54290 | MEDIUM | CVSS 6.9 | fixed in incus 6.0.5-1 (forky) | 2025 | debian
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints.
Scope: local
forky: resolved (fixed in 6.0.5-1)
sid: resolved (fixed in 6.0.5-1)
trixie: resolved (fixed in 6.0.4-2+deb13u1)
CVE-2025-52889 | LOW | CVSS 3.4 | 2025 | debian
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services (DHCP, DNS...) that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `security.ipv6_filtering`. This can lead to DHCP pool exhaustion and opens the
CVE-2025-52890 | LOW (headline tag: HIGH) | CVSS 8.1 | 2025 | debian
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13 generates nftables rules that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `security.ipv6_filtering`. This can lead to ARP spoofing on the bridge and to fully spoof another VM/container o