openSUSE-SU-2017:0988-1

Опубликовано: 12 апр. 2017

Источник: suse-cvrf

Описание

Security update for lxc

This update for lxc fixes the following issues:

This security issue was fixed:

CVE-2017-5985: lxc-user-nic allowed access to network namespace over which the caller did not hold privilege (boo#1028264).

Список пакетов

openSUSE Leap 42.2

lxc-1.1.5-15.3.1

lxc-devel-1.1.5-15.3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-04/msg00043.html
E-Mail link for openSUSE-SU-2017:0988-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.

Затронутые продукты

openSUSE Leap 42.2:lxc-1.1.5-15.3.1

openSUSE Leap 42.2:lxc-devel-1.1.5-15.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-5985.html
CVE-2017-5985
https://bugzilla.suse.com/1028264
SUSE Bug 1028264

openSUSE-SU-2017:0988-1

Описание

Список пакетов

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2017-5985

Описание

Затронутые продукты

Ссылки