CVE 2016-8649
lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls.
Related bugs and status
CVE-2016-8649 (Candidate) is related to these bugs:
Bug #1639345: lxc-attach to malicious container allows access to host
Bug #1647010: SRU of LXC 2.0.6 (upstream bugfix release)
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1647010 | SRU of LXC 2.0.6 (upstream bugfix release) | lxc (Ubuntu) | Undecided | Fix Released | ||
| 1647010 | SRU of LXC 2.0.6 (upstream bugfix release) | lxc (Ubuntu Xenial) | Undecided | Fix Released | ||
| 1647010 | SRU of LXC 2.0.6 (upstream bugfix release) | lxc (Ubuntu Yakkety) | Undecided | Fix Released | ||
| 1647010 | SRU of LXC 2.0.6 (upstream bugfix release) | lxc (Ubuntu Trusty) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
