CVE-2026-34178

Exploit

EPSS 0.05%
Veröffentlicht 09.04.2026 09:18:58
Zuletzt bearbeitet 22.04.2026 20:55:16
Quelle security@ubuntu.com
CVE-Watchlists
Login
Unerledigt
Login

Importing a crafted backup leads to project restriction bypass

In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An authenticated remote attacker with instance-creation permission in a restricted project can craft a backup archive where backup.yaml carries restricted settings such as security.privileged=true or raw.lxc directives, bypassing all project restriction enforcement and allowing full host compromise.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

NVD 3 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Canonical ≫ Lxd Version >= 4.12 <= 5.0.6

Canonical ≫ Lxd Version >= 5.21.0 <= 5.21.4

Canonical ≫ Lxd Version >= 6.0 <= 6.7

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.162

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@ubuntu.com	9.1	2.3	6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://github.com/canonical/lxd/security/advisories/GHSA-q96j-3fmm-7fv4

Third Party Advisory

Exploit

https://github.com/canonical/lxd/pull/17921

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2026-34178

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-34178

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-34178

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-34178