CVE-2016-1581

Description

LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.

References

https://linuxcontainers.org/lxd/news/

http://www.ubuntu.com/usn/USN-2988-1

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3