Advisories » MGASA-2014-0102

Updated lxc packages fix security vulnerability

Publication date: 26 Feb 2014
Modification date: 26 Feb 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2013-6441

Description

Florian Sagar discovered that the LXC sshd template set incorrect mount
permissions. An attacker could possibly use this flaw to cause privilege
escalation on the host (CVE-2013-6441).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=12760
• http://www.ubuntu.com/usn/usn-2104-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6441

SRPMS

3/core

• lxc-0.8.0-1.2.mga3

4/core

• lxc-0.9.0-5.1.mga4