CVE-2016-1581
09.06.2016, 16:59
LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.Enginsight
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 16.04 |
| canonical | lxd | 𝑥 ≤ 2.0.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration