CVE-2017-5985
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-5985
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5985.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-5985
- Downstream
- Related
- Published
- 2017-03-14T17:59:00Z
- Modified
- 2025-10-15T09:02:29.580127Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.
- References
-
- http://www.openwall.com/lists/oss-security/2017/03/09/4
- http://www.securityfocus.com/bid/96777
- http://www.ubuntu.com/usn/USN-3224-1
- https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1654676
- https://lists.linuxcontainers.org/pipermail/lxc-devel/2017-March/015535.html
- https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html
Affected packages
Git / github.com/lxc/lxc
Affected ranges
- Type
- GIT
- Repo
- https://github.com/lxc/lxc
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
lxc-0.*
lxc-0.6.5
lxc-0.7.0
lxc-0.7.1
lxc-0.7.2
lxc-0.7.3
lxc-0.7.4
lxc-0.7.4-rc1
lxc-0.7.5
lxc-0.8.0
lxc-0.8.0-rc2
lxc-0.9.0
lxc-0.9.0.alpha1
lxc-0.9.0.alpha2
lxc-0.9.0.alpha3
lxc-0.9.0.rc1
lxc-1.*
lxc-1.0.0
lxc-1.0.0.alpha1
lxc-1.0.0.alpha2
lxc-1.0.0.alpha3
lxc-1.0.0.beta1
lxc-1.0.0.beta2
lxc-1.0.0.beta3
lxc-1.0.0.beta4
lxc-1.0.0.rc1
lxc-1.0.0.rc2
lxc-1.0.0.rc3
lxc-1.0.0.rc4
lxc-1.1.0
lxc-1.1.0.alpha1
lxc-1.1.0.alpha2
lxc-1.1.0.alpha3
lxc-1.1.0.rc1
lxc-1.1.0.rc2
lxc-1.1.0.rc3
lxc-1.1.0.rc4
lxc-2.*
lxc-2.0.0
lxc-2.0.0.beta1
lxc-2.0.0.beta2
lxc-2.0.0.rc1
lxc-2.0.0.rc10
lxc-2.0.0.rc11
lxc-2.0.0.rc12
lxc-2.0.0.rc13
lxc-2.0.0.rc14
lxc-2.0.0.rc15
lxc-2.0.0.rc2
lxc-2.0.0.rc3
lxc-2.0.0.rc4
lxc-2.0.0.rc5
lxc-2.0.0.rc6
lxc-2.0.0.rc7
lxc-2.0.0.rc8
lxc-2.0.0.rc9
Other
lxc_0_1_0
lxc_0_2_0
lxc_0_2_1
lxc_0_4_0
lxc_0_5_0
lxc_0_5_1
lxc_0_5_2
lxc_0_6_0
lxc_0_6_1
lxc_0_6_2
lxc_0_6_3
lxc_0_6_4
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9",
"signature_version": "v1",
"target": {
"function": "rename_in_ns",
"file": "src/lxc/lxc_user_nic.c"
},
"digest": {
"function_hash": "66586636583137671287241950824185102139",
"length": 1525.0
},
"id": "CVE-2017-5985-04463e78"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9",
"signature_version": "v1",
"target": {
"file": "src/lxc/lxc_user_nic.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"184453693613105230564958774468904628471",
"213689352800831064766962382259232543637",
"282054262257143636695003258577702218051",
"288296174946153025621060317355396866491",
"185575579443518087421431069374589625740",
"86446414277430130393981265974405508416",
"7173049337415961378485173053535363069",
"163528300271594446835782579579678873688",
"142263805472952738167946435831958780425",
"79768053237728992237768768252165101057",
"204052851552719550928677828732007988421",
"184869736874373498472864785098168808535",
"281890829167963763774077994797129997447",
"244864858413093027007877784087181167649",
"133109641723182573498458878081626525780",
"93313650764007537661098579555607316291",
"121512734913155882533293145855997497354",
"332886636133217497697612713632443931978",
"171748887034154368929104268920127179298",
"298225778750673028172399851684216539449",
"58308870658893982775806834708165296041",
"108615236703608101210165321352194540976",
"262452227970562195460991416827961866996",
"287333728882250376379392139520789299331",
"210792961356899843565539874556740690873",
"215808239847107387282026131904674828210",
"260269101062366033889144294412801811279",
"298166305701248057572430139454369634259",
"172939512445086249725772739682190794006",
"275556858486836725273906075082373907673",
"118528969061506912498979865395249944602",
"22793761259857787277276224411905978681",
"62837071849508075784651402237574853610",
"176909310114710823887474554722317196250",
"317079016717754247012667519518423693284",
"23564028462140812989879905466472190611",
"277064231915815772945447483891970263619",
"202981768031263103797697348733742232620",
"5978856274666856564002923474719401338",
"215458384695442309935580168218134272436",
"299657005884343147499204368892452668210",
"195742644777985803358352368138743995190",
"161693264320693155649335724285460260227",
"50737274586391573756328294111421693875",
"129150160858185788658273458773443580221",
"73021888732415838538389455150706985285",
"259881220187117049028318734131791977646",
"60489331388883577278424487151115996413",
"119523683039213769320412400230373229986",
"187421006752503686272911843096895423816",
"203820086773451621675110253130457666816",
"268399293152151823443328773071169157386",
"99981609887040635641384690963853970334",
"169553944500900201036609533510602775987",
"224135519668644277391024758611434883033",
"6722166969452887077461464789350509951",
"239854245651430575550156311627598657508",
"185965288535624462993822477075882460949",
"339458069696814587169637650456192150356",
"116412324939526223914457879275534267361",
"77868519617328603347622938555976235918",
"109452586179805588180978634526869729460"
]
},
"id": "CVE-2017-5985-83473d15"
}
]