CVE-2015-1340
chmod race in doUidshiftIntoContainer
LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the Filepath.Walk() function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice.
CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
Ubuntu · LXDQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →