CVE-2016-1582

MEDIUM

LXD <2.0.2 - Privilege Escalation

Title source: llm
STIX 2.1

Description

LXD before 2.0.2 does not properly set permissions when switching an unprivileged container into privileged mode, which allows local users to access arbitrary world readable paths in the container directory via unspecified vectors.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://linuxcontainers.org/lxd/news/
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2988-1

Scores

CVSS v3 5.5
EPSS 0.0035
EPSS Percentile 26.6%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (3)
canonical/lxd 2.0.1
canonical/ubuntu_linux 15.10
canonical/ubuntu_linux 16.04
Published Jun 09, 2016
Tracked Since Feb 18, 2026