You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa lxc

Sigurnosni nedostatak programskog paketa lxc

==========================================================================
Ubuntu Security Notice USN-3730-1
August 06, 2018

lxc vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS

Summary:

LXC would allow unintended access to files.

Software Description:
– lxc: Linux Containers userspace tools

Details:

Matthias Gerstner discovered that LXC incorrectly handled the lxc-user-nic
utility. A local attacker could possibly use this issue to open arbitrary
files.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
lxc 3.0.1-0ubuntu1~18.04.2

After a standard system update you need to restart LXC containers to make
all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3730-1
CVE-2018-6556

Package Information:
https://launchpad.net/ubuntu/+source/lxc/3.0.1-0ubuntu1~18.04.2

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAltoe2cACgkQZWnYVadE
vpPOEA/9FQDzVv1FYWFh1lrBFaB1wSI42DbQ/qSJVBpO/nQxFTDbQouon1RynVAl
UtbmlABlF2yq3UnvTm2uz0UWoVxIkahzq0dyJhqZSDYydAs5F7TXQV2921ukkbg9
BZbgpHuwtex2ENXGrUmea/giegHISATxsb997DqtVs6Ym0rkty9Z2VGhC898XI6r
m9Pw6uTjkt9G9PhQ5pxts5+uXOdlQWb8KqDJH+FLhzYbjMGdP7i8yIwwQEjtiG/N
sY4JSGsE1u7FdUK5B4qFakEy5MMrLoLqornniEVzwZBSEO4Ey4nTO9KjFZ06jyol
wRB6ppPJmJ5kuoPk1gZqlK/AbFKDzn5VUniM62w7Dr/KaxjGGY5BTd4YSSz9guUP
JbLM/jln+rZfYpVZ86hHj4DfkolzbqMWk/3pjohzQKfzn9e/Z/+nA6yEiyJpm1o6
J6wk/4NCNFHNb5eUiOlX+35iD93ORQw1q3FihwVwXCxO9N7eRQJkO6AU31Z3TkNu
c35eBMOi0ywoL4lCQMR+OBs8kJxkZoTBKlo37zPWMgM+Ls1kkNERbPosQxy0dpDB
kCyHNvrmKb8fuM4yVQc8Wdra22ihCx7HNRRPVRihsNaT/V8qnPUm8huvvmwbeb9g
mX0cVCwxMxdyhsJUyHDR/ISVPQ5fxVJhXcIxUae1gPIXTZaM1AA=
=Wljt
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak jezgre operacijskog sustava

Otkriven je sigurnosni nedostatak jezgre operacijskog sustava RHEL. Otkriveni nedostatak potencijalnim napadačima omogućuje otkrivanje osjetljivih informacija. Savjetuje se ažuriranje izdanim...

Close