VYPR

Lxd

by Canonical

Source repositories

CVEs (24)

  • CVE-2024-6156Dec 5, 2024
    risk 0.00cvss epss 0.00

    Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.

  • CVE-2023-49721Feb 14, 2024
    risk 0.00cvss epss 0.00

    An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.

  • CVE-2023-5536Dec 12, 2023
    risk 0.00cvss epss 0.00

    A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.

  • CVE-2015-8222Nov 17, 2015
    risk 0.00cvss epss 0.00

    The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors.

Page 2 of 2