Опубликовано: 09 июн. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.1
CVSS3: 5.5
Описание
LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.0.2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | released | 2.0.2-0ubuntu1~16.04.1 |
| precise | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | released | 0.20-0ubuntu4.2 |
Показывать по
10
EPSS
Процентиль: 10%
0.00035
Низкий
2.1 Low
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.5
nvd
больше 9 лет назад
LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.
CVSS3: 5.5
debian
больше 9 лет назад
LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs. ...
EPSS
Процентиль: 10%
0.00035
Низкий
2.1 Low
CVSS2
5.5 Medium
CVSS3