Serge Hallyn

**Name of the Vulnerable Software and Affected Versions** LXCFS versions prior to 0.12 **Description** The issue is related to the improper enforcement of directory escapes in LXCFS, which could potentially allow local users to gain privileges. This can be achieved by either querying or updating a cgroup. **Recommendations** For versions prior to 0.12, update to version 0.12 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** LXCFS versions prior to 0.12 **Description** The issue arises from the `do write pids` function in `lxcfs.c`, which fails to properly check permissions. This allows local users to gain privileges by writing a pid to the `tasks` file. **Recommendations** For versions prior to 0.12, update to version 0.12 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** cmanager version 0.32 **Description** The issue is related to the improper enforcement of nesting when modifying cgroup properties. This allows local users to set cgroup values for all cgroups, potentially leading to unauthorized access or modifications. **Recommendations** For cmanager version 0.32, at the moment, there is no information about a newer version that contains a fix for this vulnerability.