Launchpad CVE tracker

CVE 2013-6441

The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.

Related bugs and status

CVE-2013-6441 (Candidate) is related to these bugs:

Bug #1261045: Security bugfix in lxc-sshd template: add ro to the init-script

		In	Importance	Status
1261045	Security bugfix in lxc-sshd template: add ro to the init-script	lxc (Ubuntu)	Medium	Fix Released
1261045	Security bugfix in lxc-sshd template: add ro to the init-script	lxc (Ubuntu Precise)	Medium	Won't Fix
1261045	Security bugfix in lxc-sshd template: add ro to the init-script	lxc (Ubuntu Quantal)	Medium	Won't Fix
1261045	Security bugfix in lxc-sshd template: add ro to the init-script	lxc (Ubuntu Trusty)	Medium	Fix Released
1261045	Security bugfix in lxc-sshd template: add ro to the init-script	lxc (Ubuntu Raring)	Medium	Won't Fix
1261045	Security bugfix in lxc-sshd template: add ro to the init-script	lxc (Ubuntu Saucy)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-6441

References