CVE-2015-8222

EUVD-2015-8111
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
canonicalubuntu_linux
15.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
lxd
bookworm
5.0.2-5
fixed
sid
5.0.2+git20231211.1364ae4-7
fixed
trixie
5.0.2+git20231211.1364ae4-7
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
lxd
precise
dne
trusty
dne
vivid
Fixed
released
wily
Fixed
released
Common Weakness Enumeration
References
http://www.ubuntu.com/usn/USN-2809-1
https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1515689
https://github.com/lxc/lxd/issues/1307
http://www.ubuntu.com/usn/USN-2809-1
https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1515689
https://github.com/lxc/lxd/issues/1307