PublicDateAtUSN: 2017-03-09 16:00:00
Candidate: CVE-2017-5985
CRD: 2017-03-09 16:00:00
PublicDate: 2017-03-14 17:59:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5985
 https://ubuntu.com/security/notices/USN-3224-1
 https://lists.linuxcontainers.org/pipermail/lxc-users/2017-March/012925.html
Description:
 lxc-user-nic in Linux Containers (LXC) allows local users with a
 lxc-usernet allocation to create network interfaces on the host and choose
 the name of those interfaces by leveraging lack of netns ownership check.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://launchpad.net/bugs/1654676
Priority: medium
Discovered-by: Jann Horn
Assigned-to: tyhicks
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N [3.3 LOW]

Patches_lxc:
 upstream: https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9
upstream_lxc: needs-triage
precise_lxc: not-affected (lxc-user-nic doesn't exist)
trusty_lxc: released (1.0.9-0ubuntu3)
trusty/esm_lxc: not-affected (trusty was released [1.0.9-0ubuntu3])
vivid/stable-phone-overlay_lxc: needs-triage
vivid/ubuntu-core_lxc: DNE
xenial_lxc: released (2.0.7-0ubuntu1~16.04.2)
esm-infra/xenial_lxc: released (2.0.7-0ubuntu1~16.04.2)
yakkety_lxc: released (2.0.7-0ubuntu1~16.10.2)
devel_lxc: released (2.0.7-0ubuntu2)