GLSA-201711-09 : LXC: Remote security bypass
Medium Nessus Plugin ID 104517
Synopsis
The remote Gentoo host is missing one or more security-related patches.
Description
The remote host is affected by the vulnerability described in GLSA-201711-09 (LXC: Remote security bypass)
Previous versions of lxc-attach ran a shell or the specified command without allocating a pseudo terminal, making it vulnerable to input faking via a TIOCSTI ioctl call.
Remote attackers can escape the container and perform unauthorized modifications.
There is no known workaround at this time.
Solution
All LXC users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-emulation/lxc-2.0.7'