Oval Definition:oval:org.opensuse.security:def:20186556
Revision Date:2022-06-30Version:1
Title:CVE-2018-6556
Description:

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-6556
Mitre CVE-2018-6556
SUSE CVE-2018-6556
openSUSE-SU-2018:2316-1
openSUSE-SU-2019:1227-1
openSUSE-SU-2019:1230-1
openSUSE-SU-2019:1275-1
openSUSE-SU-2019:1481-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Package Hub for SUSE Linux Enterprise 15
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • liblxc-devel-3.1.0-lp150.2.10 is installed
  • AND liblxc-devel is signed with openSUSE key
  • OR
  • liblxc1-3.1.0-lp150.2.10 is installed
  • AND liblxc1 is signed with openSUSE key
  • OR
  • lxc-3.1.0-lp150.2.10 is installed
  • AND lxc is signed with openSUSE key
  • OR
  • lxc-bash-completion-3.1.0-lp150.2.10 is installed
  • AND lxc-bash-completion is signed with openSUSE key
  • OR
  • lxcfs-3.0.3-lp150.2.3 is installed
  • AND lxcfs is signed with openSUSE key
  • OR
  • lxcfs-hooks-lxc-3.0.3-lp150.2.3 is installed
  • AND lxcfs-hooks-lxc is signed with openSUSE key
  • OR
  • pam_cgfs-3.1.0-lp150.2.10 is installed
  • AND pam_cgfs is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND Package Information
  • liblxc-devel-2.0.9-bp150.5.6 is installed
  • OR liblxc1-2.0.9-bp150.5.6 is installed
  • OR lxc-2.0.9-bp150.5.6 is installed
  • OR lxc-bash-completion-3.1.0-bp150.5.3 is installed
  • OR lxcfs-3.0.3-bp150.3.3 is installed
  • OR lxcfs-hooks-lxc-3.0.3-bp150.3.3 is installed
  • OR pam_cgfs-3.1.0-bp150.5.3 is installed
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • liblxc-devel-3.1.0-24 is installed
  • AND liblxc-devel is signed with openSUSE key
  • OR
  • liblxc1-3.1.0-24 is installed
  • AND liblxc1 is signed with openSUSE key
  • OR
  • lxc-3.1.0-24 is installed
  • AND lxc is signed with openSUSE key
  • OR
  • lxc-bash-completion-3.1.0-24 is installed
  • AND lxc-bash-completion is signed with openSUSE key
  • OR
  • lxcfs-3.0.3-2 is installed
  • AND lxcfs is signed with openSUSE key
  • OR
  • lxcfs-hooks-lxc-3.0.3-2 is installed
  • AND lxcfs-hooks-lxc is signed with openSUSE key
  • OR
  • pam_cgfs-3.1.0-24 is installed
  • AND pam_cgfs is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • liblxc-devel-4.0.9-1.1 is installed
  • OR liblxc1-4.0.9-1.1 is installed
  • OR lxc-4.0.9-1.1 is installed
  • OR lxc-bash-completion-4.0.9-1.1 is installed
  • OR pam_cgfs-4.0.9-1.1 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND Package Information
  • liblxc-devel-3.1.0-bp150.5.3.1 is installed
  • OR liblxc1-3.1.0-bp150.5.3.1 is installed
  • OR lxc-3.1.0-bp150.5.3.1 is installed
  • OR lxc-bash-completion-3.1.0-bp150.5.3.1 is installed
  • OR lxcfs-3.0.3-bp150.3.3.1 is installed
  • OR lxcfs-hooks-lxc-3.0.3-bp150.3.3.1 is installed
  • OR pam_cgfs-3.1.0-bp150.5.3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP3 is installed
  • AND lxc is not affected
    • BACK