CVE-2015-1335

EPSS 0.11%

lxc - security update

Published: 10/1/2015Modified: 4/28/2026

Description

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.

Affected packages (2)

Debian/lxcfrom 0, < 1:1.0.8-1
Debian/lxcfrom 0, < 1:1.0.6-6+deb8u2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1335