LinuX Containers user space utilities: Arbitrary file read — GLSA 201808-02

A vulnerability has been found in LXC which may allow for arbitrary file access (read-only).

Affected packages

app-emulation/lxc on all architectures
Affected versions < 2.1.1-r1
Unaffected versions >= 2.1.1-r1

Background

LinuX Containers user space utilities.

Description

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn’t otherwise be able to reach.

Impact

A local unprivileged user could use this flaw to access arbitrary files, including special device files.

Workaround

There is no known workaround at this time.

Resolution

All LXC users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-emulation/lxc-2.1.1-r1"
 

References

Release date
August 22, 2018

Latest revision
October 17, 2018: 3

Severity
low

Exploitable
local

Bugzilla entries