Low severity3.3NVD Advisory· Published Aug 10, 2018· Updated Jun 17, 2026
CVE-2018-6556
CVE-2018-6556
Description
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords5 versionspkg:rpm/opensuse/lxc&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/lxc&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/lxcfs&distro=openSUSE%20Leap%2015.0pkg:rpm/suse/lxc&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/lxcfs&distro=SUSE%20Package%20Hub%2015
< 3.1.0-lp150.2.10.1+ 4 more
- (no CPE)range: < 3.1.0-lp150.2.10.1
- (no CPE)range: < 4.0.9-1.1
- (no CPE)range: < 3.0.3-lp150.2.3.1
- (no CPE)range: < 3.1.0-bp150.5.3.1
- (no CPE)range: < 3.0.3-bp150.3.3.1
Patches
Vulnerability mechanics
References
8- bugzilla.suse.com/show_bug.cginvdIssue TrackingPatch
- lists.opensuse.org/opensuse-security-announce/2019-04/msg00074.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2019-04/msg00076.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.htmlnvdMailing ListThird Party Advisory
- bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591nvdIssue TrackingThird Party Advisory
- security.gentoo.org/glsa/201808-02nvdThird Party Advisory
- usn.ubuntu.com/usn/usn-3730-1nvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.htmlnvd
News mentions
0No linked articles in our index yet.