VDB

GCVE-110-MAGEIA-2019-87

GCVE-110-MAGEIA-2019-87
Advisory Published
Vulnetix · Advisory published February 17, 2019
LXC allows attackers to overwrite the host LXC binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: a new container with an attacker-controlled image, or an existing container, to which the attacker previously had write access. This occurs because of file-descriptor mishandling, related to /proc/self/exe. This attack is only possible with privileged containers since it requires root privilege on the host to overwrite the binary.

Affected Products

VendorProductVersionsPlatforms
Mageialxc0 (affected), 2.0.8-1.1.mga6 (unaffected), 0 (affected), 2.0.8-1.1.mga6 (unaffected)
Mageiayoutube-dl0 (affected), 2019.07.30-1.mga6 (unaffected)
Mageiayoutube-dl0 (affected), 2019.07.30-1.mga7 (unaffected)

Browse GCVE Records

73,393 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›