CVE-2016-8649

Summary

lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.

Affected Software

VendorProductVersion RangeStatus
n/aLXC before 1.0.9 and 2.x before 2.0.6LXC before 1.0.9 and 2.x before 2.0.6affected

Weaknesses

  • container bypass

ADP Enrichment

CVE Program Container

Additional References

References