VYPR
Medium severity5.5OSV Advisory· Published Jun 9, 2016· Updated Jun 17, 2026

CVE-2016-1581

CVE-2016-1581

Description

LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Canonical/LxdOSV2 versions
    lxd-0.1, lxd-0.10, lxd-0.11, …+ 1 more
    • (no CPE)range: lxd-0.1, lxd-0.10, lxd-0.11, …
    • cpe:2.3:a:canonical:lxd:*:*:*:*:*:*:*:*range: <=2.0.1
  • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.