Critical severity9.1NVD Advisory· Published May 1, 2017· Updated Jun 17, 2026
CVE-2016-8649
CVE-2016-8649
Description
lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <1.0.9, <2.0.6
Patches
Vulnerability mechanics
References
6- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatch
- github.com/lxc/lxc/commit/81f466d05f2a89cb4f122ef7f593ff3f279b165cnvdPatchVendor Advisory
- www.securityfocus.com/bid/94498nvdThird Party AdvisoryVDB Entry
- bugs.debian.org/cgi-bin/bugreport.cginvdThird Party Advisory
- bugs.launchpad.net/ubuntu/+source/lxc/+bug/1639345nvdThird Party Advisory
- security-tracker.debian.org/tracker/CVE-2016-8649nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.