Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 10 Mar 2017 07:03:32 -0500
From: Stiepan <>
Cc: St├ęphane Graber <>
Subject: Re: LXC: CVE-2017-5985: lxc-user-nic didn't verify network namespace ownership

I don't know whether that is the same bug, or a related one, but on Debian8 using LXC from jessie-backports, setting the default route in a container affects the host - namely, from an unpriv. container, setting the route sets the host's route as well.
lxc-info --version outputs 2.0.6 and no update is currently available (on Debian).


-------- Original Message --------
Subject: [oss-security] LXC: CVE-2017-5985: lxc-user-nic didn't verify network namespace ownership
Local Time: 9 March 2017 5:54 PM
UTC Time: 9 March 2017 16:55
St├ęphane Graber <>

Jann Horn discovered that the lxc-user-nic program could be tricked into
operating on a network namespace over which the caller did not hold

The behavior didn't follow what was documented in the lxc-user-nic(1)
man page:

It ensures that the calling user is privileged over the network
namespace to which the interface will be attached.

This issue is CVE-2017-5985.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ