CVE-2013-6441

Published: 31 December 2013

The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.

Priority

Medium

Status

Package Release Status
lxc
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(1.0.0~beta2-0ubuntu1)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(1.0.0~beta2-0ubuntu1)
Patches:
Upstream: https://github.com/lxc/lxc/commit/f4d5cc8e1f39d132b61e110674528cac727ae0e2