Ubuntu Security Notice 2988-1 - Robie Basak discovered that LXD incorrectly set permissions when setting up a loop-based ZFS pool. A local attacker could use this issue to copy and read the data of any LXD container. Robie Basak discovered that LXD incorrectly set permissions when switching an unprivileged container into privileged mode. A local attacker could use this issue to access any world-readable path in the container directory, including setuid binaries. Various other issues were also addressed.
eaa7edec08f0e3f46bdd99e86421a02ee9649cd7ed30ad06309fea46089f3b8f
============================================================================
Ubuntu Security Notice USN-2988-1
May 31, 2016
lxd vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 15.10
Summary:
Several security issues were fixed in LXD.
Software Description:
- lxd: Container hypervisor based on LXC
Details:
Robie Basak discovered that LXD incorrectly set permissions when setting up
a loop-based ZFS pool. A local attacker could use this issue to copy and
read the data of any LXD container. (CVE-2016-1581)
Robie Basak discovered that LXD incorrectly set permissions when switching
an unprivileged container into privileged mode. A local attacker could use
this issue to access any world-readable path in the container directory,
including setuid binaries. (CVE-2016-1582)
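A host-side permission audit for the two conditions described above, as an added example that is not part of the notice or of LXD. The file and directory names are placeholders, the sample tree is constructed, and treating "no access for other users" as the safe state is an assumption of this example.

```python
import os
import stat
import tempfile

def image_exposed(path):
    """True if the pool backing file grants any permission bit to 'other'."""
    return bool(os.stat(path).st_mode & stat.S_IRWXO)

def container_dir_findings(container_dir):
    """Return (traversable_by_other, setuid_paths) for one container directory.

    setuid_paths lists setuid files that 'other' can read or execute and that
    are reachable through directories 'other' can traverse.
    """
    traversable = bool(os.lstat(container_dir).st_mode & stat.S_IXOTH)
    found = []
    if traversable:
        for root, dirs, files in os.walk(container_dir):
            # Prune subtrees that unprivileged host users cannot enter.
            dirs[:] = [d for d in dirs
                       if os.lstat(os.path.join(root, d)).st_mode & stat.S_IXOTH]
            for name in files:
                path = os.path.join(root, name)
                mode = os.lstat(path).st_mode
                if (stat.S_ISREG(mode) and mode & stat.S_ISUID
                        and mode & (stat.S_IROTH | stat.S_IXOTH)):
                    found.append(path)
    return traversable, sorted(found)

def build_sample(base):
    """Constructed sample: an exposed pool image and one exposed container."""
    img = os.path.join(base, "pool.img")                # placeholder file name
    bindir = os.path.join(base, "c1", "rootfs", "bin")  # placeholder layout
    os.makedirs(bindir)
    for d in (os.path.join(base, "c1"), os.path.dirname(bindir), bindir):
        os.chmod(d, 0o755)
    su = os.path.join(bindir, "su")
    for path, mode in ((img, 0o644), (su, 0o4755)):
        open(path, "wb").close()
        os.chmod(path, mode)
    return img, os.path.join(base, "c1"), su

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        img, ct, _ = build_sample(base)
        print("image exposed:", image_exposed(img))
        print("container findings:", container_dir_findings(ct))
```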
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
lxd 2.0.2-0ubuntu1~16.04.1
Ubuntu 15.10:
lxd 0.20-0ubuntu4.2
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2988-1
CVE-2016-1581, CVE-2016-1582
Package Information:
https://launchpad.net/ubuntu/+source/lxd/2.0.2-0ubuntu1~16.04.1
https://launchpad.net/ubuntu/+source/lxd/0.20-0ubuntu4.2