VDB
DEBIAN-CVE-2016-8649
DEBIAN-CVE-2016-8649
PUBLISHED
CVSS 9.100000381469727 CRITICAL
lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
Risk Scores
CVSS v3.0
9.100000381469727
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | lxc | 0, 0, 0 |
| Debian:13 | lxc | 0, 0, 0 |
| Debian:14 | lxc | 0, 0, 0 |
| Debian:12 | lxc | 0, 0, 0 |
Timeline
- May 1, 2017 CVE Published
- Apr 28, 2026 CVE Updated