PT-2015-2763 · Canonical · Lxd

Stéphane Graber +1 · Published 2015-11-17 · Updated 2015-11-18 · CVE-2015-8222

CVSS v2.0: 4.6 (Medium)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Ubuntu lxd versions prior to 0.20-0ubuntu4.1

Description

The issue is insufficient access control on a file in the Ubuntu lxd package: /var/lib/lxd/unix.socket has world-readable permissions, which allows a local attacker to gain privileges through unspecified vectors.

Recommendations

Update Ubuntu lxd to version 0.20-0ubuntu4.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the /var/lib/lxd/unix.socket file to minimize the risk of exploitation.
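
To verify the workaround or the update on a host, the following added example (not part of the original advisory or of the lxd package) reports whether users outside the socket's owner and group hold any permission bits on it, and whether a parent directory already blocks them. The function names are hypothetical, the socket path is the one named in the advisory, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: audit "other"-class access to the LXD socket from the advisory.
# Function names are hypothetical; needs GNU stat (coreutils), as on Ubuntu.
SOCKET_DEFAULT=/var/lib/lxd/unix.socket   # path taken from the advisory

# world_access PATH: 0 if "other" holds any permission bit, 1 if none,
# 2 if PATH cannot be examined.
world_access() {
    mode=$(stat -c '%a' -- "$1" 2>/dev/null) || return 2
    case "$mode" in
        *[1-7]) return 0 ;;   # last octal digit non-zero: o+r, o+w or o+x
        *)      return 1 ;;
    esac
}

# reachable_by_others PATH: 0 only if every parent directory up to / grants
# "other" the search (x) bit; a single restrictive parent blocks access.
reachable_by_others() {
    dir=$(cd -- "$(dirname -- "$1")" 2>/dev/null && pwd -P) || return 2
    while :; do
        mode=$(stat -c '%a' -- "$dir" 2>/dev/null) || return 2
        case "$mode" in
            *[1357]) ;;        # o+x set, keep climbing
            *) return 1 ;;
        esac
        [ "$dir" = / ] && return 0
        dir=$(dirname -- "$dir")
    done
}

# audit_socket [PATH]: prints a verdict; returns 0 exposed, 1 not, 2 missing.
audit_socket() {
    p=${1:-$SOCKET_DEFAULT}
    rc=0
    world_access "$p" || rc=$?
    [ "$rc" -eq 2 ] && { echo "MISSING $p"; return 2; }
    [ "$rc" -eq 1 ] && { echo "OK $p: no permission bits for other"; return 1; }
    if reachable_by_others "$p"; then
        echo "EXPOSED $p: mode $(stat -c '%a' -- "$p"), parents traversable"
        return 0
    fi
    echo "MITIGATED $p: other bits set, but a parent directory blocks access"
    return 1
}
```

Source the file and call `audit_socket` with no argument to check the default path; run it as root so that every parent directory can be examined.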

Fix


Weakness Enumeration

Related Identifiers

BDU:2015-12128
CVE-2015-8222

Affected Products

Lxd