PT-2019-7169 · Canonical · Lxd

Seth Arnold · Published 2019-04-22 · Updated 2022-05-24 · CVE-2015-1340

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

LXD versions prior to 0.19-0ubuntu5

Description

The issue arises from a race condition between chown and chmod operations during a container filesystem shift. By creating a symbolic link within a specific window, an attacker could change the mode of any file on the system rather than that of the expected path. The doUidshiftIntoContainer() function has an unsafe Chmod() call that races against the stat in the filepath.Walk() function.

Recommendations

For versions prior to 0.19-0ubuntu5, update to version 0.19-0ubuntu5 or later to resolve the issue. As a temporary workaround, consider restricting access to the doUidshiftIntoContainer() function until a patch is available. Avoid using the Chmod() call in the affected filepath.Walk() function until the issue is resolved.
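
The pattern behind the race described above, as an added Go example that is not LXD's code or its patch: a path-based os.Chmod() follows a symlink that replaced the entry after the walk's stat, while a descriptor opened with O_NOFOLLOW does not. The names chmodNoFollow, must and demo and the directory layout are hypothetical, and the check covers only the final path component.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"syscall"
)

func must(err error) { if err != nil { panic(err) } }

// chmodNoFollow (hypothetical helper): O_NOFOLLOW makes the open fail when the
// last path component is a symlink; Stat and Chmod then act on the opened inode.
func chmodNoFollow(path string, mode os.FileMode) error {
	f, err := os.OpenFile(path, os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0)
	if err != nil {
		return err
	}
	defer f.Close()
	fi, err := f.Stat()
	if err != nil {
		return err
	}
	if !fi.Mode().IsRegular() && !fi.IsDir() {
		return fmt.Errorf("%s: refusing to chmod %v", path, fi.Mode().Type())
	}
	return f.Chmod(mode) // fchmod(2) on the descriptor
}

// demo builds a constructed tree where rootfs/entry is a symlink to a file
// outside rootfs, and returns that file's mode after each style of chmod.
func demo(dir string) (afterPath, afterFd os.FileMode, fdErr error) {
	outside, entry := filepath.Join(dir, "outside.txt"), filepath.Join(dir, "rootfs", "entry")
	must(os.MkdirAll(filepath.Dir(entry), 0700))
	must(os.WriteFile(outside, []byte("x"), 0600))
	must(os.Symlink(outside, entry))
	modeOf := func() os.FileMode { fi, err := os.Stat(outside); must(err); return fi.Mode().Perm() }
	must(os.Chmod(entry, 0644)) // path-based call follows the symlink
	afterPath = modeOf()
	must(os.Chmod(outside, 0600))
	fdErr = chmodNoFollow(entry, 0644) // open fails on the link, nothing is changed
	return afterPath, modeOf(), fdErr
}

func main() {
	dir, err := os.MkdirTemp("", "shift")
	must(err)
	defer os.RemoveAll(dir)
	fmt.Println(demo(dir))
}
```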

Fix

Race Condition


Weakness Enumeration

Related Identifiers

CVE-2015-1340
GHSA-8MPQ-FMR3-6JXV
GO-2021-0071

Affected Products

Lxd