Snoopysecurity

**Name of the Vulnerable Software and Affected Versions** lxc versions prior to 7.0.0 **Description** A logic flaw in the `find line()` function of the `lxc-user-nic` setuid helper allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When scanning the NIC database to authorize a deletion request, the interface name comparison may set the authorization flag based solely on a name match, ignoring ownership, type, and link fields. This occurs because the check is reachable after the `goto next` label handling, and subsequent processes do not re-verify that the matched entry belongs to the caller. In multi-tenant environments using OpenVSwitch bridges, an attacker with a valid `lxc-usernet` policy entry can trigger the deletion of another user's OVS port on the same bridge, resulting in a denial of service by repeatedly disconnecting networking from other tenants' containers. **Recommendations** Update to version 7.0.0.

Name of the Vulnerable Software and Affected Versions: hackney versions 0.0.0 and later Description: The issue arises from improper parsing of URLs by the URI built-in module and hackney, leading to Server-side Request Forgery (SSRF). Given a URL like http://127.0.0.1?@127.2.2.2/, the URI function correctly identifies the host as 127.0.0.1, but hackney incorrectly refers to the host as 127.2.2.2/. This can be exploited when users rely on the URL function for host checking. Recommendations: For hackney versions 0.0.0 and later, consider disabling the URL parsing functionality until a patch is available. Restrict access to the vulnerable module to minimize the risk of exploitation. Avoid using the `URI` module for host checking in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is caused by improper path sanitization, allowing archives with relative file paths to write or overwrite files outside the intended directory. This can lead to unintended file modifications. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is caused by improper path sanitization, allowing archives with relative file paths to write or overwrite files outside the intended directory. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.