Ubuntu
lxc package

  1. Bug #1639345
  2. Comment #30

Comment 30 for bug 1639345

Revision history for this message
Tyler Hicks (tyhicks) wrote : Re: [Bug 1639345] Re: lxc-attach to malicious container allows access to host

On 11/09/2016 01:36 AM, Stéphane Graber wrote:
> Security team: Please assign a CVE for LXC. And please review suggested fix.

I think I've spotted one minor problem with the suggested fix. In
attach_child_main(), shutdown(ipc_socket, SHUT_RDWR) is not called when
lxc_seccomp_load() fails.

As for the CVE assignment for LXC, the Ubuntu Security Team is not
assigning CVEs at this time. Once we settle on a preferred CRD, I can
notify the linux-distros list about this issue and request a CVE at that
time.