PT-2026-28510 · Incus+1 · Incus+1

Stamparm · Published 2026-01-01 · Updated 2026-04-20 · CVE-2026-33711

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Incus versions prior to 6.23.0

Description

Incus, a system container and virtual machine manager, has an issue in its API for retrieving VM screenshots. This API uses a temporary file for QEMU to write the screenshot to, which is then sent to the user. Versions prior to 6.23.0 use predictable paths under /tmp for these temporary files. An attacker with local access can exploit this by creating symlinks. On most Linux systems with the protected symlinks kernel security feature enabled, this results in a "Permission denied" error. However, on systems where this feature is disabled, an attacker can trick Incus into truncating and altering the mode and permissions of arbitrary files on the filesystem, potentially leading to a denial of service or local privilege escalation.

The vulnerable code is located in the instanceConsoleGet function within cmd/incusd/instance_console.go and the ConsoleScreenshot function within internal/server/instance/drivers/driver_qemu.go. A proof-of-concept (PoC) demonstrates that an attacker can pre-place symlink traps and coerce the Incus daemon into truncating and changing the ownership of a sensitive host file. The /proc/sys/fs/protected_symlinks file can be checked to determine if the kernel protection mechanism is disabled, with a value of 0 indicating it is disabled.

Recommendations

Versions prior to 6.23.0 should be updated to version 6.23.0 or later.

Exploit · Fix · DoS · LPE

Weakness Enumeration

Related Identifiers

BDU:2026-07370
CVE-2026-33711
GHSA-Q9VP-3WCG-8P4X
GO-2026-4885
OPENSUSE-SU-2026:10450-1

Affected Products

Incus
Red Os