Vulnerability DatabaseCVE-2015-1342
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2015-1342
Published:December 07, 2015
Updated:May 17, 2026
LXCFS before 0.12 does not properly enforce directory escapes, which might allow local users to gain privileges by (1) querying or (2) updating a cgroup.
Related Resources (4)
http://www.ubuntu.com/usn/USN-2813-1
https://people.canonical.com/~ubuntu-security/cve/CVE-2015-1342
https://github.com/lxc/lxcfs/commit/a8b6c3e0537e90fba3c55910fd1b7229d54a60a7
https://bugs.launchpad.net/ubuntu/+source/lxcfs/+bug/1508481
Do you need more information?
Contact Us
CVSS v3
Base Score:
5.9
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW
CVSS v2
Base Score:
4.6
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
EPSS
Base Score:
0.06