LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the Filepath.Walk() function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice.
References
Link | Resource |
---|---|
https://github.com/lxc/lxd/commit/19c6961cc1012c8a529f20807328a9357f5034f4 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: canonical
Published: 2015-10-02T00:00:00
Updated: 2019-04-22T15:35:59
Reserved: 2015-01-22T00:00:00
Link: CVE-2015-1340
JSON object: View
NVD Information
Status : Modified
Published: 2019-04-22T16:29:00.897
Modified: 2019-10-09T23:13:11.830
Link: CVE-2015-1340
JSON object: View
Redhat Information
No data.
CWE