Nixpkgs security tracker

Login with GitHub

Suggestion detail

Untriaged
Permalink CVE-2026-34177
9.1 CRITICAL
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): High (H)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): High (H)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
created 1 month, 2 weeks ago Activity log
  • Created suggestion 1 month, 2 weeks ago
VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote attacker with can_edit permission on a VM instance in a restricted project can inject an AppArmor rule and a QEMU chardev configuration that bridges the LXD Unix socket into the guest VM, enabling privilege escalation to LXD cluster administrator and subsequently to host root.

Affected products

lxd
  • <5.21.5
  • <5.0.7
  • <6.8.0

Matching in nixpkgs

pkgs.lxd-ui

Web user interface for LXD

pkgs.lxd-lts

Daemon based on liblxc offering a REST API to manage containers

pkgs.lxd-image-server

Creates and manages a simplestreams lxd image server on top of nginx

pkgs.lxd-unwrapped-lts

Daemon based on liblxc offering a REST API to manage containers

Package maintainers