PublicDateAtUSN: 2015-07-22 14:00:00 UTC
Candidate: CVE-2015-1331
CRD: 2015-07-22 14:00:00 UTC
PublicDate: 2015-08-12 14:59:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1331
 https://ubuntu.com/security/notices/USN-2675-1
Description:
 lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary
 files via a symlink attack on /run/lock/lxc/*.
Ubuntu-Description: 
Notes: 
 tyhicks> Affects LXC 1.0.0 and higher
Bugs: 
 https://launchpad.net/bugs/1470842
Priority: medium
Discovered-by: Roman Fiedler
Assigned-to: tyhicks
CVSS: 

Patches_lxc:
 upstream: https://github.com/lxc/lxc/commit/72cf81f6a3404e35028567db2c99a90406e9c6e6
upstream_lxc: released (1.1.3)
precise_lxc: not-affected
trusty_lxc: released (1.0.7-0ubuntu0.2)
trusty/esm_lxc: not-affected (trusty was released [1.0.7-0ubuntu0.2])
utopic_lxc: released (1.1.0~alpha2-0ubuntu3.3)
vivid_lxc: released (1.1.2-0ubuntu3.1)
devel_lxc: released (1.1.3-0ubuntu1)
vivid/stable-phone-overlay_lxc: released (1.1.2-0ubuntu3.1)
vivid/ubuntu-core_lxc: DNE