| CVE-2016-10124 | Hig | 0.56 | 8.6 | 0.00 | | Jan 9, 2017 | An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the container. |
| CVE-2017-5985 | Low | 0.21 | 3.3 | 0.00 | | Mar 14, 2017 | lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check. |
| CVE-2015-1334 | | 0.00 | — | 0.00 | | Aug 12, 2015 | attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label. |
| CVE-2015-1331 | | 0.00 | — | 0.00 | | Aug 12, 2015 | lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*. |
| CVE-2013-6441 | | 0.00 | — | 0.00 | | Feb 14, 2014 | The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file. |
