RSS   Podatności dla 'LXD'   RSS

2019-04-22
 
CVE-2015-1340

CWE-362
 

 
LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the Filepath.Walk() function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice.

 

 >>> Vendor: Linuxcontainers 3 Produkty
LXC
Cgmanager
LXD


Copyright 2024, cxsecurity.com

 

Back to Top