PublicDateAtUSN: 2015-09-29 14:00:00
Candidate: CVE-2015-1335
CRD: 2015-09-29 14:00:00
PublicDate: 2015-10-01 20:59:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1335
 https://ubuntu.com/security/notices/USN-2753-1
Description:
 lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container
 administrators to escape AppArmor confinement via a symlink attack on a (1)
 mount target or (2) bind mount source.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://launchpad.net/bugs/1476662
Priority: medium
Discovered-by: Roman Fiedler
Assigned-to: sbeattie
CVSS: 

Patches_lxc:
upstream_lxc: released (1.1.4)
precise_lxc: ignored (reached end-of-life)
precise/esm_lxc: DNE (precise was needed)
trusty_lxc: released (1.0.7-0ubuntu0.5)
trusty/esm_lxc: not-affected (trusty was released [1.0.7-0ubuntu0.5])
vivid_lxc: released (1.1.2-0ubuntu3.2)
vivid/stable-phone-overlay_lxc: released (1.1.2-0ubuntu3.2)
vivid/ubuntu-core_lxc: DNE
wily_lxc: not-affected (1.1.4-0ubuntu1)
xenial_lxc: not-affected (1.1.4-0ubuntu1)
esm-infra/xenial_lxc: not-affected (1.1.4-0ubuntu1)
yakkety_lxc: not-affected (1.1.4-0ubuntu1)
zesty_lxc: not-affected (1.1.4-0ubuntu1)
devel_lxc: not-affected (1.1.4-0ubuntu1)