Bugtraq ID: 75998
CVE: CVE-2015-1334
Remote: Yes
Local: No
Author: Roman Fiedler (Austrian Institute of Technology)
Remote: Yes
Local: No
Author: Roman Fiedler (Austrian Institute of Technology)
VULNERABILITY DESCRIPTION
LXC is prone to a remote code-execution vulnerability.
Attackers can exploit this issue to execute arbitrary code within the context of user running the affected application. Failed exploit attempts will result in a denial-of-service condition.
VULNERABLE VERSIONS
- Ubuntu Linux 15.04
- Ubuntu Linux 14.10
- Ubuntu Linux 14.04 LTS
- Oracle Enterprise Linux 6.2
- Oracle Enterprise Linux 6
- LXC LXC 0.9
- Debian Linux 6.0 sparc
- Debian Linux 6.0 s/390
- Debian Linux 6.0 powerpc
- Debian Linux 6.0 mips
- Debian Linux 6.0 ia-64
- Debian Linux 6.0 ia-32
- Debian Linux 6.0 arm
- Debian Linux 6.0 amd64
MITIGATION
Updates are available. Please see the references or vendor advisory for more information.