LXD vulnerable to Race Condition
High severity
GitHub Reviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Sep 29, 2023
Package
Affected versions
< 0.0.0-20151004155856-19c6961cc101
Patched versions
0.0.0-20151004155856-19c6961cc101
Description
Published by the National Vulnerability Database
Apr 22, 2019
Published to the GitHub Advisory Database
May 24, 2022
Reviewed
Feb 7, 2023
Last updated
Sep 29, 2023
LXD before version 0.19-0ubuntu5
doUidshiftIntoContainer()
has an unsafeChmod()
call that races against the stat in theFilepath.Walk()
function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice.Specific Go Packages Affected
github.com/lxc/lxd/shared
References