Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : lxc vulnerability (USN-3224-1)
Low Nessus Plugin ID 97659
SynopsisThe remote Ubuntu host is missing one or more security-related patches.
DescriptionJann Horn discovered that LXC incorrectly verified permissions when creating virtual network interfaces. A local attacker could possibly use this issue to create virtual network interfaces in network namespaces that they do not own.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected lxc and / or lxc-common packages.