CVE-2015-1334

Publication date 22 July 2015

Last updated 24 July 2024

Ubuntu priority

attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
lxc	17.04 zesty	Fixed 1.1.3-0ubuntu1
	16.10 yakkety	Fixed 1.1.3-0ubuntu1
	16.04 LTS xenial	Fixed 1.1.3-0ubuntu1
	15.10 wily	Fixed 1.1.3-0ubuntu1
	15.04 vivid	Fixed 1.1.2-0ubuntu3.1
	14.10 utopic	Fixed 1.1.0~alpha2-0ubuntu3.3
	14.04 LTS trusty	Fixed 1.0.7-0ubuntu0.2
	12.04 LTS precise	Ignored end of life

Notes

tyhicks

Affects LXC 0.9.0 and higher

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
lxc	Upstream: 5c3fcae

CVE-2015-1334

Status

Notes

tyhicks

Patch details

References

Related Ubuntu Security Notices (USN)

Other references