UBUNTU-CVE-2026-39402
- Source
- https://ubuntu.com/security/CVE-2026-39402
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39402.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-39402
- Upstream
- Published
- 2026-05-05T21:16:00Z
- Modified
- 2026-05-20T16:25:38.695202580Z
- Severity
-
- 4.3 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H CVSS Calculator
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the find_line() function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a deletion request, the interface name comparison can set the authorization flag based on a name match alone, even when the ownership, type, and link fields in that database entry belong to a different user. The vulnerable check sits after the goto next label handling, meaning it is reachable on lines where earlier ownership checks failed or were skipped. Because nothing downstream of this authorization signal re-verifies that the matched database line actually belongs to the caller, an unprivileged attacker with a valid lxc-usernet policy entry can trigger deletion of another user's OVS port on the same bridge. This is limited to multi-tenant environments using lxc-user-nic with OpenVSwitch bridges. The impact is denial of service - one tenant can repeatedly disconnect networking from containers run by another tenant on shared infrastructure. This is patched in version 7.0.0.
- References
Affected packages
Ubuntu:14.04:LTS
lxc
Package
- Name
- lxc
- Purl
- pkg:deb/ubuntu/lxc?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.0.0~alpha1-0ubuntu11
1.0.0~alpha2-0ubuntu1
1.0.0~alpha2-0ubuntu3
1.0.0~alpha2-0ubuntu4
1.0.0~alpha2-0ubuntu5
1.0.0~alpha2-0ubuntu6
1.0.0~alpha3-0ubuntu1
1.0.0~alpha3-0ubuntu2
1.0.0~alpha3-0ubuntu3
1.0.0~alpha3-0ubuntu4
1.0.0~alpha3-0ubuntu5
1.0.0~alpha3-0ubuntu6
1.0.0~alpha3-0ubuntu7
1.0.0~alpha3-0ubuntu8
1.0.0~beta1-0ubuntu1
1.0.0~beta1-0ubuntu2
1.0.0~beta1-0ubuntu3
1.0.0~beta2-0ubuntu1
1.0.0~beta2-0ubuntu2
1.0.0~beta3-0ubuntu1
1.0.0~beta4-0ubuntu1
1.0.0~beta4-0ubuntu2
1.0.0~rc1-0ubuntu2
1.0.0~rc3-0ubuntu1
1.0.0~rc4-0ubuntu1
1.0.0-0ubuntu1
1.0.0-0ubuntu2
1.0.0-0ubuntu3
1.0.0-0ubuntu4
1.0.1-0ubuntu1
1.0.2-0ubuntu1
1.0.2-0ubuntu2
1.0.3-0ubuntu1
1.0.3-0ubuntu2
1.0.3-0ubuntu3
1.0.4-0ubuntu0.1
1.0.5-0ubuntu0.1
1.0.6-0ubuntu0.1
1.0.7-0ubuntu0.1
1.0.7-0ubuntu0.2
1.0.7-0ubuntu0.5
1.0.7-0ubuntu0.6
1.0.7-0ubuntu0.7
1.0.7-0ubuntu0.9
1.0.7-0ubuntu0.10
1.0.8-0ubuntu0.3
1.0.8-0ubuntu0.4
1.0.9-0ubuntu2
1.0.9-0ubuntu3
1.0.10-0ubuntu1
1.0.10-0ubuntu1.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "liblxc1",
"binary_version": "1.0.10-0ubuntu1.1"
},
{
"binary_name": "lxc",
"binary_version": "1.0.10-0ubuntu1.1"
},
{
"binary_name": "lxc-templates",
"binary_version": "1.0.10-0ubuntu1.1"
},
{
"binary_name": "lxc-tests",
"binary_version": "1.0.10-0ubuntu1.1"
},
{
"binary_name": "python3-lxc",
"binary_version": "1.0.10-0ubuntu1.1"
}
]
}Ubuntu:18.04:LTS
lxc
Package
- Name
- lxc
- Purl
- pkg:deb/ubuntu/lxc?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.1.0-0ubuntu1
2.1.1-0ubuntu1
3.*
3.0.0~beta1-0ubuntu3
3.0.0~beta2-0ubuntu2
3.0.0~beta3-0ubuntu1
3.0.0~beta4-0ubuntu1
3.0.0-0ubuntu1
3.0.0-0ubuntu2
3.0.1-0ubuntu1~18.04.1
3.0.1-0ubuntu1~18.04.2
3.0.2-0ubuntu1~18.04.1
3.0.3-0ubuntu1~18.04.1
3.0.3-0ubuntu1~18.04.3
Ecosystem specific
{
"binaries": [
{
"binary_name": "liblxc-common",
"binary_version": "3.0.3-0ubuntu1~18.04.3"
},
{
"binary_name": "liblxc1",
"binary_version": "3.0.3-0ubuntu1~18.04.3"
},
{
"binary_name": "libpam-cgfs",
"binary_version": "3.0.3-0ubuntu1~18.04.3"
},
{
"binary_name": "lxc",
"binary_version": "3.0.3-0ubuntu1~18.04.3"
},
{
"binary_name": "lxc-utils",
"binary_version": "3.0.3-0ubuntu1~18.04.3"
},
{
"binary_name": "lxc1",
"binary_version": "3.0.3-0ubuntu1~18.04.3"
}
]
}Ubuntu:20.04:LTS
lxc
Package
- Name
- lxc
- Purl
- pkg:deb/ubuntu/lxc?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.0.4-0ubuntu1
3.0.4-0ubuntu2
1:4.*
1:4.0.0-0ubuntu2
1:4.0.1-0ubuntu1
1:4.0.1-0ubuntu2
1:4.0.2-0ubuntu1
1:4.0.6-0ubuntu1~20.04.1
1:4.0.12-0ubuntu1~20.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "liblxc-common",
"binary_version": "1:4.0.12-0ubuntu1~20.04.1"
},
{
"binary_name": "liblxc1",
"binary_version": "1:4.0.12-0ubuntu1~20.04.1"
},
{
"binary_name": "libpam-cgfs",
"binary_version": "1:4.0.12-0ubuntu1~20.04.1"
},
{
"binary_name": "lxc",
"binary_version": "1:4.0.12-0ubuntu1~20.04.1"
},
{
"binary_name": "lxc-utils",
"binary_version": "1:4.0.12-0ubuntu1~20.04.1"
},
{
"binary_name": "lxc1",
"binary_version": "1:4.0.12-0ubuntu1~20.04.1"
}
]
}Ubuntu:22.04:LTS
lxc
Package
- Name
- lxc
- Purl
- pkg:deb/ubuntu/lxc?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:4.*
1:4.0.10-0ubuntu5
1:4.0.12-0ubuntu1
1:4.0.12-0ubuntu2
1:5.*
1:5.0.0~git2209-g5a7b9ce67-0ubuntu1
1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "liblxc-common",
"binary_version": "1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1"
},
{
"binary_name": "liblxc1",
"binary_version": "1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1"
},
{
"binary_name": "libpam-cgfs",
"binary_version": "1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1"
},
{
"binary_name": "lxc",
"binary_version": "1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1"
},
{
"binary_name": "lxc-utils",
"binary_version": "1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1"
},
{
"binary_name": "lxc1",
"binary_version": "1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1"
}
]
}Ubuntu:24.04:LTS
lxc
Package
- Name
- lxc
- Purl
- pkg:deb/ubuntu/lxc?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:5.*
1:5.0.1-0ubuntu7
1:5.0.1-0ubuntu8
1:5.0.3-2ubuntu5
1:5.0.3-2ubuntu7
1:5.0.3-2ubuntu7.1
1:5.0.3-2ubuntu7.2
Ecosystem specific
{
"binaries": [
{
"binary_name": "liblxc-common",
"binary_version": "1:5.0.3-2ubuntu7.2"
},
{
"binary_name": "liblxc1t64",
"binary_version": "1:5.0.3-2ubuntu7.2"
},
{
"binary_name": "libpam-cgfs",
"binary_version": "1:5.0.3-2ubuntu7.2"
},
{
"binary_name": "lxc",
"binary_version": "1:5.0.3-2ubuntu7.2"
},
{
"binary_name": "lxc-tests",
"binary_version": "1:5.0.3-2ubuntu7.2"
},
{
"binary_name": "lxc-utils",
"binary_version": "1:5.0.3-2ubuntu7.2"
},
{
"binary_name": "lxc1",
"binary_version": "1:5.0.3-2ubuntu7.2"
}
]
}Ubuntu:25.10
lxc
Package
- Name
- lxc
- Purl
- pkg:deb/ubuntu/lxc?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "liblxc-common",
"binary_version": "1:6.0.4-4ubuntu1"
},
{
"binary_name": "liblxc1t64",
"binary_version": "1:6.0.4-4ubuntu1"
},
{
"binary_name": "libpam-cgfs",
"binary_version": "1:6.0.4-4ubuntu1"
},
{
"binary_name": "lxc",
"binary_version": "1:6.0.4-4ubuntu1"
},
{
"binary_name": "lxc-tests",
"binary_version": "1:6.0.4-4ubuntu1"
}
]
}Ubuntu:26.04:LTS
lxc
Package
- Name
- lxc
- Purl
- pkg:deb/ubuntu/lxc?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "liblxc-common",
"binary_version": "1:6.0.6-1"
},
{
"binary_name": "liblxc1t64",
"binary_version": "1:6.0.6-1"
},
{
"binary_name": "libpam-cgfs",
"binary_version": "1:6.0.6-1"
},
{
"binary_name": "lxc",
"binary_version": "1:6.0.6-1"
},
{
"binary_name": "lxc-tests",
"binary_version": "1:6.0.6-1"
}
]
}Ubuntu:Pro:16.04:LTS
lxc
Package
- Name
- lxc
- Purl
- pkg:deb/ubuntu/lxc?arch=source&distro=esm-infra%2Fxenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.1.4-0ubuntu1
1.1.4-0ubuntu1.1
1.1.4-0ubuntu3
1.1.5-0ubuntu1
1.1.5-0ubuntu2
1.1.5-0ubuntu3
1.1.5-0ubuntu4
1.1.5-0ubuntu5
1.1.5-0ubuntu6
2.*
2.0.0~beta2-0ubuntu2
2.0.0~rc1-0ubuntu1
2.0.0~rc2-0ubuntu2
2.0.0~rc3-0ubuntu1
2.0.0~rc3-0ubuntu2
2.0.0~rc3-0ubuntu3
2.0.0~rc4-0ubuntu1
2.0.0~rc5-0ubuntu1
2.0.0~rc9-0ubuntu1
2.0.0~rc10-0ubuntu1
2.0.0~rc10-0ubuntu2
2.0.0~rc11-0ubuntu1
2.0.0~rc12-0ubuntu1
2.0.0~rc13-0ubuntu2
2.0.0~rc14-0ubuntu2
2.0.0~rc15-0ubuntu1
2.0.0-0ubuntu1
2.0.0-0ubuntu2
2.0.1-0ubuntu1~16.04.1
2.0.3-0ubuntu1~ubuntu16.04.1
2.0.4-0ubuntu1~ubuntu16.04.2
2.0.5-0ubuntu1~ubuntu16.04.1
2.0.5-0ubuntu1~ubuntu16.04.2
2.0.5-0ubuntu1~ubuntu16.04.3
2.0.6-0ubuntu1~ubuntu16.04.1
2.0.6-0ubuntu1~ubuntu16.04.2
2.0.7-0ubuntu1~16.04.1
2.0.7-0ubuntu1~16.04.2
2.0.8-0ubuntu1~16.04.2
2.0.11-0ubuntu1~16.04.3
2.0.11-0ubuntu1~16.04.3+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "liblxc1",
"binary_version": "2.0.11-0ubuntu1~16.04.3+esm1"
},
{
"binary_name": "lua-lxc",
"binary_version": "2.0.11-0ubuntu1~16.04.3+esm1"
},
{
"binary_name": "lxc",
"binary_version": "2.0.11-0ubuntu1~16.04.3+esm1"
},
{
"binary_name": "lxc-common",
"binary_version": "2.0.11-0ubuntu1~16.04.3+esm1"
},
{
"binary_name": "lxc-templates",
"binary_version": "2.0.11-0ubuntu1~16.04.3+esm1"
},
{
"binary_name": "lxc-tests",
"binary_version": "2.0.11-0ubuntu1~16.04.3+esm1"
},
{
"binary_name": "lxc1",
"binary_version": "2.0.11-0ubuntu1~16.04.3+esm1"
},
{
"binary_name": "python3-lxc",
"binary_version": "2.0.11-0ubuntu1~16.04.3+esm1"
}
]
}