VDB
GCVE-110-MAGEIA-2019-87
GCVE-110-MAGEIA-2019-87
Advisory Published
LXC allows attackers to overwrite the host LXC binary (and consequently
obtain host root access) by leveraging the ability to execute a command as
root within one of these types of containers: a new container with an
attacker-controlled image, or an existing container, to which the attacker
previously had write access. This occurs because of file-descriptor
mishandling, related to /proc/self/exe. This attack is only possible with
privileged containers since it requires root privilege on the host to
overwrite the binary.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | lxc | 0 (affected), 2.0.8-1.1.mga6 (unaffected), 0 (affected), 2.0.8-1.1.mga6 (unaffected) | — |
| Mageia | youtube-dl | 0 (affected), 2019.07.30-1.mga6 (unaffected) | — |
| Mageia | youtube-dl | 0 (affected), 2019.07.30-1.mga7 (unaffected) | — |
References
youtube-dl maintenance release
advisory
Browse GCVE Records
73,393 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.