Vulnerabilities > CVE-2015-1334 - Code vulnerability in Linuxcontainers LXC

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

linuxcontainers

CWE-17

nessus

NVD

Published: 2015-08-12

Updated: 2019-05-31

Summary

attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.

Vulnerable Configurations

Part	Description	Count
Application	Linuxcontainers Linuxcontainers LXC 0.1.0 Linuxcontainers LXC 0.2.0 Linuxcontainers LXC 0.2.1 Linuxcontainers LXC 0.3.0 Linuxcontainers LXC 0.4.0 Linuxcontainers LXC 0.5.0 Linuxcontainers LXC 0.5.1 Linuxcontainers LXC 0.5.2 Linuxcontainers LXC 0.6.0 Linuxcontainers LXC 0.6.1 Linuxcontainers LXC 0.6.2 Linuxcontainers LXC 0.6.3 Linuxcontainers LXC 0.6.4 Linuxcontainers LXC 0.6.5 Linuxcontainers LXC 0.7.0 Linuxcontainers LXC 0.7.1 Linuxcontainers LXC 0.7.2 Linuxcontainers LXC 0.7.3 Linuxcontainers LXC 0.7.4 Linuxcontainers LXC 0.7.4.1 Linuxcontainers LXC 0.7.4.2 Linuxcontainers LXC 0.7.5 Linuxcontainers LXC 0.8.0 Linuxcontainers LXC 0.9.0 Linuxcontainers LXC 1.0.0 Linuxcontainers LXC 1.0.1 Linuxcontainers LXC 1.0.2 Linuxcontainers LXC 1.0.3 Linuxcontainers LXC 1.0.4 Linuxcontainers LXC 1.0.5 Linuxcontainers LXC 1.0.6 Linuxcontainers LXC 1.0.7 Linuxcontainers LXC 1.0.8 Linuxcontainers LXC 1.0.9 Linuxcontainers LXC 1.0.10 Linuxcontainers LXC 1.0.11 Linuxcontainers LXC 1.1.0 Linuxcontainers LXC 1.1.1 Linuxcontainers LXC 1.1.2	40

Common Weakness Enumeration (CWE)

CWE-17 - Code

Nessus

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2015-523.NASL
description	lxc was updated to fix two security issues. The following vulnerabilities were fixed : - CVE-2015-1331: directory traversal flaw allowing arbitrary file creation as the root user (bnc#938522) - CVE-2015-1334: AppArmor or SELinux confinement escape via fake /proc (bnc#938523)
last seen	2020-06-05
modified	2015-07-31
plugin id	85135
published	2015-07-31
reporter	This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/85135
title	openSUSE Security Update : lxc (openSUSE-2015-523)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-2675-1.NASL
description	Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user. (CVE-2015-1331) Roman Fiedler discovered that LXC incorrectly trusted the container
last seen	2020-06-01
modified	2020-06-02
plugin id	84957
published	2015-07-23
reporter	Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/84957
title	Ubuntu 14.04 LTS / 14.10 / 15.04 : lxc vulnerabilities (USN-2675-1)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2015-12608.NASL
description	Security fix for CVE-2015-1331, CVE-2015-1334. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2015-08-11
plugin id	85313
published	2015-08-11
reporter	This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/85313
title	Fedora 23 : lxc-1.1.2-2.fc23 (2015-12608)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2015-12645.NASL
description	Security fix for CVE-2015-1331, CVE-2015-1334. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2015-08-11
plugin id	85314
published	2015-08-11
reporter	This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/85314
title	Fedora 21 : lxc-1.0.7-2.fc21 (2015-12645)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2015-12647.NASL
description	Security fix for CVE-2015-1331, CVE-2015-1334. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-05
modified	2015-08-11
plugin id	85315
published	2015-08-11
reporter	This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/85315
title	Fedora 22 : lxc-1.1.2-2.fc22 (2015-12647)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-3317.NASL
description	Several vulnerabilities have been discovered in LXC, the Linux Containers userspace tools. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-1331 Roman Fiedler discovered a directory traversal flaw in LXC when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user. - CVE-2015-1334 Roman Fiedler discovered that LXC incorrectly trusted the container
last seen	2020-06-01
modified	2020-06-02
plugin id	84993
published	2015-07-27
reporter	This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/84993
title	Debian DSA-3317-1 : lxc - security update

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2015-3065.NASL
description	Description of changes: [1.0.7-2.0.7] - [Orabug 21533491] CVE-2015-1334: Don
last seen	2020-06-01
modified	2020-06-02
plugin id	85178
published	2015-08-03
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/85178
title	Oracle Linux 6 / 7 : lxc (ELSA-2015-3065)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2015-524.NASL
description	lxc was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-1334: AppArmor or SELinux confinement escape via fake /proc (bnc#938523)
last seen	2020-06-05
modified	2015-07-31
plugin id	85136
published	2015-07-31
reporter	This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/85136
title	openSUSE Security Update : lxc (openSUSE-2015-524)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-1481.NASL
description	This update for lxc, lxcfs to version 3.1.0 fixes the following issues : Security issues fixed : - CVE-2019-5736: Fixed a container breakout vulnerability (boo#1122185). - CVE-2018-6556: Enable setuid bit on lxc-user-nic (boo#988348). Non-security issues fixed : - Update to LXC 3.1.0. The changelog is far too long to include here, please look at https://linuxcontainers.org/. (boo#1131762)
last seen	2020-06-01
modified	2020-06-02
plugin id	125668
published	2019-06-03
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/125668
title	openSUSE Security Update : lxc / lxcfs (openSUSE-2019-1481)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References