CVE-2016-10124

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-10124

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10124.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-10124

Related

Published

2017-01-09T08:59:00Z

Modified

2025-01-15T00:58:49.948076Z

Severity

8.6 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the container.

References

Affected packages

Debian:11 / lxc

Package

Name: lxc
Purl: pkg:deb/debian/lxc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / lxc

Package

Name: lxc
Purl: pkg:deb/debian/lxc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / lxc

Package

Name: lxc
Purl: pkg:deb/debian/lxc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.0.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/lxc/lxc

Affected ranges

Type: GIT
Repo: https://github.com/lxc/lxc
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e986ea3dfa4a2957f71ae9bfaed406dd6e1ffff6

Fixed

e986ea3dfa4a2957f71ae9bfaed406dd6e1ffff6

Affected versions

lxc-0.*

lxc-0.6.5

lxc-0.7.0

lxc-0.7.1

lxc-0.7.2

lxc-0.7.3

lxc-0.7.4

lxc-0.7.4-rc1

lxc-0.7.5

lxc-0.8.0

lxc-0.8.0-rc2

lxc-0.9.0

lxc-0.9.0.alpha1

lxc-0.9.0.alpha2

lxc-0.9.0.alpha3

lxc-0.9.0.rc1

lxc-1.*

lxc-1.0.0

lxc-1.0.0.alpha1

lxc-1.0.0.alpha2

lxc-1.0.0.alpha3

lxc-1.0.0.beta1

lxc-1.0.0.beta2

lxc-1.0.0.beta3

lxc-1.0.0.beta4

lxc-1.0.0.rc1

lxc-1.0.0.rc2

lxc-1.0.0.rc3

lxc-1.0.0.rc4

lxc-1.1.0

lxc-1.1.0.alpha1

lxc-1.1.0.alpha2

lxc-1.1.0.alpha3

lxc-1.1.0.rc1

lxc-1.1.0.rc2

lxc-1.1.0.rc3

lxc-1.1.0.rc4

lxc-2.*

lxc-2.0.0.beta1

lxc-2.0.0.beta2

lxc-2.0.0.rc1

lxc-2.0.0.rc2

Other

lxc_0_1_0

lxc_0_2_0

lxc_0_2_1

lxc_0_4_0

lxc_0_5_0

lxc_0_5_1

lxc_0_5_2

lxc_0_6_0

lxc_0_6_1

lxc_0_6_2

lxc_0_6_3

lxc_0_6_4