Evgeni

**Name of the Vulnerable Software and Affected Versions** Ansible versions prior to 1.9.6-1 Ansible versions 2.x prior to 2.0.2.0 **Description** The issue allows local users to write to arbitrary files or gain privileges via a symlink attack on several files and directories, including `/opt/.lxc-attach-script`, the archived container in the `archive path` directory, or the `lxc-attach-script.log` or `lxc-attach-script.err` files in the temporary directory. This is due to a flaw in the `create script` function within the `lxc container` module. **Recommendations** For Ansible versions prior to 1.9.6-1, update to version 1.9.6-1 or later. For Ansible versions 2.x prior to 2.0.2.0, update to version 2.0.2.0 or later. As a temporary workaround, consider restricting access to the `create script` function in the `lxc container` module until a patch is applied.