CVE-2017-5985

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-5985
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5985.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-5985
Downstream
Related
Published
2017-03-14T17:59:00Z
Modified
2025-09-16T06:44:56.753571Z
Severity
  • 3.3 (Low) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.

References

Affected packages

Debian:11 / lxc

Package

Name
lxc
Purl
pkg:deb/debian/lxc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.0.7-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / lxc

Package

Name
lxc
Purl
pkg:deb/debian/lxc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.0.7-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / lxc

Package

Name
lxc
Purl
pkg:deb/debian/lxc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.0.7-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / lxc

Package

Name
lxc
Purl
pkg:deb/debian/lxc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:2.0.7-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/lxc/lxc

Affected ranges

Type
GIT
Repo
https://github.com/lxc/lxc
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
16af238036a5464ae8f2420ed3af214f0de875f9

Affected versions

lxc-0.*

lxc-0.6.5
lxc-0.7.0
lxc-0.7.1
lxc-0.7.2
lxc-0.7.3
lxc-0.7.4
lxc-0.7.4-rc1
lxc-0.7.5
lxc-0.8.0
lxc-0.8.0-rc2
lxc-0.9.0
lxc-0.9.0.alpha1
lxc-0.9.0.alpha2
lxc-0.9.0.alpha3
lxc-0.9.0.rc1

lxc-1.*

lxc-1.0.0
lxc-1.0.0.alpha1
lxc-1.0.0.alpha2
lxc-1.0.0.alpha3
lxc-1.0.0.beta1
lxc-1.0.0.beta2
lxc-1.0.0.beta3
lxc-1.0.0.beta4
lxc-1.0.0.rc1
lxc-1.0.0.rc2
lxc-1.0.0.rc3
lxc-1.0.0.rc4
lxc-1.1.0
lxc-1.1.0.alpha1
lxc-1.1.0.alpha2
lxc-1.1.0.alpha3
lxc-1.1.0.rc1
lxc-1.1.0.rc2
lxc-1.1.0.rc3
lxc-1.1.0.rc4

lxc-2.*

lxc-2.0.0
lxc-2.0.0.beta1
lxc-2.0.0.beta2
lxc-2.0.0.rc1
lxc-2.0.0.rc10
lxc-2.0.0.rc11
lxc-2.0.0.rc12
lxc-2.0.0.rc13
lxc-2.0.0.rc14
lxc-2.0.0.rc15
lxc-2.0.0.rc2
lxc-2.0.0.rc3
lxc-2.0.0.rc4
lxc-2.0.0.rc5
lxc-2.0.0.rc6
lxc-2.0.0.rc7
lxc-2.0.0.rc8
lxc-2.0.0.rc9

Other

lxc_0_1_0
lxc_0_2_0
lxc_0_2_1
lxc_0_4_0
lxc_0_5_0
lxc_0_5_1
lxc_0_5_2
lxc_0_6_0
lxc_0_6_1
lxc_0_6_2
lxc_0_6_3
lxc_0_6_4

Database specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "function_hash": "66586636583137671287241950824185102139",
                "length": 1525.0
            },
            "deprecated": false,
            "signature_version": "v1",
            "source": "https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9",
            "signature_type": "Function",
            "id": "CVE-2017-5985-04463e78",
            "target": {
                "function": "rename_in_ns",
                "file": "src/lxc/lxc_user_nic.c"
            }
        },
        {
            "digest": {
                "line_hashes": [
                    "184453693613105230564958774468904628471",
                    "213689352800831064766962382259232543637",
                    "282054262257143636695003258577702218051",
                    "288296174946153025621060317355396866491",
                    "185575579443518087421431069374589625740",
                    "86446414277430130393981265974405508416",
                    "7173049337415961378485173053535363069",
                    "163528300271594446835782579579678873688",
                    "142263805472952738167946435831958780425",
                    "79768053237728992237768768252165101057",
                    "204052851552719550928677828732007988421",
                    "184869736874373498472864785098168808535",
                    "281890829167963763774077994797129997447",
                    "244864858413093027007877784087181167649",
                    "133109641723182573498458878081626525780",
                    "93313650764007537661098579555607316291",
                    "121512734913155882533293145855997497354",
                    "332886636133217497697612713632443931978",
                    "171748887034154368929104268920127179298",
                    "298225778750673028172399851684216539449",
                    "58308870658893982775806834708165296041",
                    "108615236703608101210165321352194540976",
                    "262452227970562195460991416827961866996",
                    "287333728882250376379392139520789299331",
                    "210792961356899843565539874556740690873",
                    "215808239847107387282026131904674828210",
                    "260269101062366033889144294412801811279",
                    "298166305701248057572430139454369634259",
                    "172939512445086249725772739682190794006",
                    "275556858486836725273906075082373907673",
                    "118528969061506912498979865395249944602",
                    "22793761259857787277276224411905978681",
                    "62837071849508075784651402237574853610",
                    "176909310114710823887474554722317196250",
                    "317079016717754247012667519518423693284",
                    "23564028462140812989879905466472190611",
                    "277064231915815772945447483891970263619",
                    "202981768031263103797697348733742232620",
                    "5978856274666856564002923474719401338",
                    "215458384695442309935580168218134272436",
                    "299657005884343147499204368892452668210",
                    "195742644777985803358352368138743995190",
                    "161693264320693155649335724285460260227",
                    "50737274586391573756328294111421693875",
                    "129150160858185788658273458773443580221",
                    "73021888732415838538389455150706985285",
                    "259881220187117049028318734131791977646",
                    "60489331388883577278424487151115996413",
                    "119523683039213769320412400230373229986",
                    "187421006752503686272911843096895423816",
                    "203820086773451621675110253130457666816",
                    "268399293152151823443328773071169157386",
                    "99981609887040635641384690963853970334",
                    "169553944500900201036609533510602775987",
                    "224135519668644277391024758611434883033",
                    "6722166969452887077461464789350509951",
                    "239854245651430575550156311627598657508",
                    "185965288535624462993822477075882460949",
                    "339458069696814587169637650456192150356",
                    "116412324939526223914457879275534267361",
                    "77868519617328603347622938555976235918",
                    "109452586179805588180978634526869729460"
                ],
                "threshold": 0.9
            },
            "deprecated": false,
            "signature_version": "v1",
            "source": "https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9",
            "signature_type": "Line",
            "id": "CVE-2017-5985-83473d15",
            "target": {
                "file": "src/lxc/lxc_user_nic.c"
            }
        }
    ]
}