Advisories ยป MGASA-2019-0087

Updated lxc packages fix security vulnerability

Publication date: 17 Feb 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2019-5736


LXC allows attackers to overwrite the host LXC binary (and consequently
obtain host root access) by leveraging the ability to execute a command as
root within one of these types of containers: a new container with an
attacker-controlled image, or an existing container, to which the attacker
previously had write access. This occurs because of file-descriptor
mishandling, related to /proc/self/exe. This attack is only possible with
privileged containers since it requires root privilege on the host to
overwrite the binary.