Severity by source
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote attacker with can_edit permission on a VM instance in a restricted project can inject an AppArmor rule and a QEMU chardev configuration that bridges the LXD Unix socket into the guest VM, enabling privilege escalation to LXD cluster administrator and subsequently to host root.
AnalysisAI
Privilege escalation in Canonical LXD 4.12-6.7 allows authenticated remote attackers with VM instance editing rights to bypass project restrictions via incomplete denylist validation. Attackers inject AppArmor rules and QEMU chardev configurations through unblocked raw.apparmor and raw.qemu.conf keys, bridging the LXD Unix socket into guest VMs. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Canonical LXD 4.12–6.7 with restricted.virtual-machines.lowlevel=block project restriction enabled. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | CVSS 9.1 reflects critical severity with network accessibility and high impact across confidentiality, integrity, and availability. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | Authenticated attacker with can_edit VM permissions injects raw.apparmor and raw.qemu.conf directives to bridge LXD Unix socket into guest, escalating to cluster administrator then host root. No public exploit identified at time of analysis. |
| Remediation | Vendor-released patch: Upgrade to Canonical LXD version 6.8 or later, which implements complete denylist validation blocking raw.apparmor and raw.qemu.conf keys in restricted projects. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all LXD deployments running versions 4.12-6.7 and restrict VM instance editing permissions to trusted administrators only. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
An authenticated path traversal vulnerability in Langflow's file upload functionality allows attackers to write arbitrar
An authorization bypass vulnerability in gRPC-Go allows attackers to circumvent path-based access control by sending HTT
Resource exhaustion in OpenTelemetry Go propagation library (v1.41.0 and earlier) enables remote attackers to trigger se
Path traversal in ApostropheCMS import-export module allows authenticated users with content modification permissions to
The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such a
Arbitrary host file write in Incus before 7.1.0 lets a holder of S3 bucket credentials escape the storage volume via a p
{$exists:true}`) that override the builder's intended filter, returning or altering every document in a MongoDB, CouchDB
Cross-guest storage-volume hijacking in Canonical LXD 6.6 through 6.8 lets an untrusted guest instance mount, read, and
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, efw.file.FileManager.unZip writes zip entries to disk usin
Consensus failure in Zebra nodes before 4.3.1 allows remote attackers to trigger network partitioning by submitting V4 o
Privilege escalation in Canonical LXD 4.12 through 6.7 enables remote authenticated restricted TLS certificate users to
Critical privilege escalation vulnerability in FreeIPA that allows authenticated users with high privileges to create Ke
Same weakness CWE-184 – Incomplete List of Disallowed Inputs
View allSame technique Privilege Escalation
View allVendor StatusVendor
SUSE
Severity: CriticalShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-20872
GHSA-fm2x-c5qw-4h6f