Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Lxc
(Linuxcontainers)| Repositories |
• https://github.com/lxc/lxc
• https://github.com/opencontainers/runc |
| #Vulnerabilities | 11 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-01-01 | CVE-2022-47952 | lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates that a file exists. NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556 fix design was based on the premise that "we will report back to the user that the open() failed but the user... | Lxc | 3.3 |