Oval Definition:oval:org.opensuse.security:def:20168649
Revision Date:2022-06-30Version:1
Title:CVE-2016-8649
Description:

lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-8649
Mitre CVE-2016-8649
SUSE CVE-2016-8649
openSUSE-SU-2016:3179-1
Platform(s):openSUSE 13.2
openSUSE Leap 42.1
openSUSE Leap 42.2
openSUSE Tumbleweed
Product(s):
Definition Synopsis
  • openSUSE 13.2 is installed
  • AND Package Information
  • lxc-1.0.6-12.1 is installed
  • OR lxc-devel-1.0.6-12.1 is installed
    • Definition Synopsis
  • openSUSE Leap 42.1 is installed
  • AND Package Information
  • lxc-1.1.2-9.1 is installed
  • AND lxc is signed with openSUSE key
  • OR
  • lxc-devel-1.1.2-9.1 is installed
  • AND lxc-devel is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • lxc-1.1.2-10.1 is installed
  • AND lxc is signed with openSUSE key
  • OR
  • lxc-devel-1.1.2-10.1 is installed
  • AND lxc-devel is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • liblxc-devel-2.0.4-2.1 is installed
  • OR liblxc1-2.0.4-2.1 is installed
  • OR lxc-2.0.4-2.1 is installed
    • BACK