CVE-2015-1331

Description

lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.

Affected packages (2)

• Debian/lxcfrom 0, < 1:1.0.7-4
• Debian/lxcfrom 0, < 1:1.0.6-6+deb8u1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1331