CVE-2026-34177
CRITICALVM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf
Title source: cnaDescription
Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote attacker with can_edit permission on a VM instance in a restricted project can inject an AppArmor rule and a QEMU chardev configuration that bridges the LXD Unix socket into the guest VM, enabling privilege escalation to LXD cluster administrator and subsequently to host root.
References (2)
Core 2
Core References
Patch patch
issue-tracking
lxd: Prevent use of raw.apparmor and raw.qemu.conf when low level options are blocked
https://github.com/canonical/lxd/pull/17909
Vendor Advisory vdb-entry
vendor-advisory
VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf
https://github.com/canonical/lxd/security/advisories/GHSA-fm2x-c5qw-4h6f
Scores
CVSS v3
9.1
EPSS
0.0036
EPSS Percentile
27.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-184
Status
published
Products (5)
canonical/lxd
0.0.0-20210305023314-538ac3df036eGo
canonical/lxd
4.12 - 5.0.6
Canonical/lxd
4.12.0 - 5.0.7
Canonical/lxd
5.1.0 - 5.21.5
Canonical/lxd
6.0.0 - 6.8.0
Published
Apr 09, 2026
Tracked Since
Apr 09, 2026