Nixpkgs Security Tracker

Untriaged

Permalink CVE-2023-5536

5.0 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): HIGH
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): NONE
Availability impact (A): NONE

created 6 months ago

A feature in LXD (LP#1829071), affects the default configuration of …

A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.

References

https://ubuntu.com/security/CVE-2023-5536 issue-tracking
https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1829071 issue-tracking
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5536 issue-tracking
https://discourse.ubuntu.com/t/easy-multi-user-lxd-setup/26215/4 mitigation
https://discourse.ubuntu.com/t/easy-multi-user-lxd-setup/26215/4 mitigation x_transferred
https://ubuntu.com/security/CVE-2023-5536 issue-tracking x_transferred
https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1829071 issue-tracking x_transferred
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5536 issue-tracking x_transferred

Affected products

Linux

<24.04

Matching in nixpkgs

pkgs.m33-linux

Linux program that can communicate with the Micro 3D printer

nixos-unstable -
- nixpkgs-unstable 0-unstable-2016-06-23

pkgs.vibrantlinux

Tool to automate managing your screen's saturation depending on what programs are running

nixos-unstable -
- nixpkgs-unstable 2.2.0

pkgs.perlPackages.LinuxFD

Linux specific special filehandles

nixos-unstable -
- nixpkgs-unstable 0.014

pkgs.perlPackages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

nixos-unstable -
- nixpkgs-unstable 0.05

pkgs.perl538Packages.LinuxFD

Linux specific special filehandles

nixos-unstable -
- nixpkgs-unstable 0.014

pkgs.perl540Packages.LinuxFD

Linux specific special filehandles

nixos-unstable -
- nixpkgs-unstable 0.014

pkgs.perl538Packages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

nixos-unstable -
- nixpkgs-unstable 0.05

pkgs.perl540Packages.LinuxACL

Perl extension for reading and setting Access Control Lists for files by libacl linux library

nixos-unstable -
- nixpkgs-unstable 0.05

pkgs.perlPackages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

nixos-unstable -
- nixpkgs-unstable 0.69

pkgs.perlPackages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

nixos-unstable -
- nixpkgs-unstable Inotify2-2.3

pkgs.perl538Packages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

nixos-unstable -
- nixpkgs-unstable 0.69

pkgs.perl540Packages.Linuxusermod

This module adds, removes and modify user and group accounts according to the passwd and shadow files syntax

nixos-unstable -
- nixpkgs-unstable 0.69

pkgs.perl538Packages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

nixos-unstable -
- nixpkgs-unstable Inotify2-2.3

pkgs.perl540Packages.LinuxInotify2

Scalable directory/file change notification for Perl on Linux

nixos-unstable -
- nixpkgs-unstable Inotify2-2.3

pkgs.perlPackages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

nixos-unstable -
- nixpkgs-unstable 0.25

pkgs.perlPackages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

nixos-unstable -
- nixpkgs-unstable 0.23

pkgs.perl538Packages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

nixos-unstable -
- nixpkgs-unstable 0.25

pkgs.perl538Packages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

nixos-unstable -
- nixpkgs-unstable 0.23

pkgs.perl540Packages.LinuxDesktopFiles

Fast parsing of the Linux desktop files

nixos-unstable -
- nixpkgs-unstable 0.25

pkgs.perl540Packages.LinuxDistribution

Perl extension to detect on which Linux distribution we are running

nixos-unstable -
- nixpkgs-unstable 0.23

Package maintainers

@de11n Elliot Cameron <nixpkgs-commits@deshaw.com>
@invokes-su Souvik Sen <nixpkgs-commits@deshaw.com>
@despsyched Priyanshu Tripathi <priyanshu.tripathi@deshaw.com>
@Scrumplex Sefa Eyeoglu <contact@scrumplex.net>
@unclamped Maru <clear6860@tutanota.com>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.m33-linux

pkgs.vibrantlinux

pkgs.perlPackages.LinuxFD

pkgs.perlPackages.LinuxACL

pkgs.perl538Packages.LinuxFD

pkgs.perl540Packages.LinuxFD

pkgs.perl538Packages.LinuxACL

pkgs.perl540Packages.LinuxACL

pkgs.perlPackages.Linuxusermod

pkgs.perlPackages.LinuxInotify2

pkgs.perl538Packages.Linuxusermod

pkgs.perl540Packages.Linuxusermod

pkgs.perl538Packages.LinuxInotify2

pkgs.perl540Packages.LinuxInotify2

pkgs.perlPackages.LinuxDesktopFiles

pkgs.perlPackages.LinuxDistribution

pkgs.perl538Packages.LinuxDesktopFiles

pkgs.perl538Packages.LinuxDistribution

pkgs.perl540Packages.LinuxDesktopFiles

pkgs.perl540Packages.LinuxDistribution

Package maintainers