{"id":"CVE-2017-5985","details":"lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ownership check.","modified":"2026-02-02T15:16:36.136154Z","published":"2017-03-14T17:59:00.183Z","related":["MGASA-2017-0167","openSUSE-SU-2024:11030-1"],"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2017/03/09/4"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/96777"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-3224-1"},{"type":"ADVISORY","url":"https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1654676"},{"type":"ADVISORY","url":"https://lists.linuxcontainers.org/pipermail/lxc-devel/2017-March/015535.html"},{"type":"REPORT","url":"https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9"},{"type":"FIX","url":"https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2017/03/09/4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/lxc/lxc","events":[{"introduced":"0"},{"fixed":"16af238036a5464ae8f2420ed3af214f0de875f9"}]}],"versions":["lxc-0.6.5","lxc-0.7.0","lxc-0.7.1","lxc-0.7.2","lxc-0.7.3","lxc-0.7.4","lxc-0.7.4-rc1","lxc-0.7.5","lxc-0.8.0","lxc-0.8.0-rc2","lxc-0.9.0","lxc-0.9.0.alpha1","lxc-0.9.0.alpha2","lxc-0.9.0.alpha3","lxc-0.9.0.rc1","lxc-1.0.0","lxc-1.0.0.alpha1","lxc-1.0.0.alpha2","lxc-1.0.0.alpha3","lxc-1.0.0.beta1","lxc-1.0.0.beta2","lxc-1.0.0.beta3","lxc-1.0.0.beta4","lxc-1.0.0.rc1","lxc-1.0.0.rc2","lxc-1.0.0.rc3","lxc-1.0.0.rc4","lxc-1.1.0","lxc-1.1.0.alpha1","lxc-1.1.0.alpha2","lxc-1.1.0.alpha3","lxc-1.1.0.rc1","lxc-1.1.0.rc2","lxc-1.1.0.rc3","lxc-1.1.0.rc4","lxc-2.0.0","lxc-2.0.0.beta1","lxc-2.0.0.beta2","lxc-2.0.0.rc1","lxc-2.0.0.rc10","lxc-2.0.0.rc11","lxc-2.0.0.rc12","lxc-2.0.0.rc13","lxc-2.0.0.rc14","lxc-2.0.0.rc15","lxc-2.0.0.rc2","lxc-2.0.0.rc3","lxc-2.0.0.rc4","lxc-2.0.0.rc5","lxc-2.0.0.rc6","lxc-2.0.0.rc7","lxc-2.0.0.rc8","lxc-2.0.0.rc9","lxc_0_1_0","lxc_0_2_0","lxc_0_2_1","lxc_0_4_0","lxc_0_5_0","lxc_0_5_1","lxc_0_5_2","lxc_0_6_0","lxc_0_6_1","lxc_0_6_2","lxc_0_6_3","lxc_0_6_4"],"database_specific":{"vanir_signatures":[{"deprecated":false,"digest":{"length":1525,"function_hash":"66586636583137671287241950824185102139"},"target":{"function":"rename_in_ns","file":"src/lxc/lxc_user_nic.c"},"source":"https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9","signature_type":"Function","id":"CVE-2017-5985-04463e78","signature_version":"v1"},{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["184453693613105230564958774468904628471","213689352800831064766962382259232543637","282054262257143636695003258577702218051","288296174946153025621060317355396866491","185575579443518087421431069374589625740","86446414277430130393981265974405508416","7173049337415961378485173053535363069","163528300271594446835782579579678873688","142263805472952738167946435831958780425","79768053237728992237768768252165101057","204052851552719550928677828732007988421","184869736874373498472864785098168808535","281890829167963763774077994797129997447","244864858413093027007877784087181167649","133109641723182573498458878081626525780","93313650764007537661098579555607316291","121512734913155882533293145855997497354","332886636133217497697612713632443931978","171748887034154368929104268920127179298","298225778750673028172399851684216539449","58308870658893982775806834708165296041","108615236703608101210165321352194540976","262452227970562195460991416827961866996","287333728882250376379392139520789299331","210792961356899843565539874556740690873","215808239847107387282026131904674828210","260269101062366033889144294412801811279","298166305701248057572430139454369634259","172939512445086249725772739682190794006","275556858486836725273906075082373907673","118528969061506912498979865395249944602","22793761259857787277276224411905978681","62837071849508075784651402237574853610","176909310114710823887474554722317196250","317079016717754247012667519518423693284","23564028462140812989879905466472190611","277064231915815772945447483891970263619","202981768031263103797697348733742232620","5978856274666856564002923474719401338","215458384695442309935580168218134272436","299657005884343147499204368892452668210","195742644777985803358352368138743995190","161693264320693155649335724285460260227","50737274586391573756328294111421693875","129150160858185788658273458773443580221","73021888732415838538389455150706985285","259881220187117049028318734131791977646","60489331388883577278424487151115996413","119523683039213769320412400230373229986","187421006752503686272911843096895423816","203820086773451621675110253130457666816","268399293152151823443328773071169157386","99981609887040635641384690963853970334","169553944500900201036609533510602775987","224135519668644277391024758611434883033","6722166969452887077461464789350509951","239854245651430575550156311627598657508","185965288535624462993822477075882460949","339458069696814587169637650456192150356","116412324939526223914457879275534267361","77868519617328603347622938555976235918","109452586179805588180978634526869729460"]},"target":{"file":"src/lxc/lxc_user_nic.c"},"source":"https://github.com/lxc/lxc/commit/16af238036a5464ae8f2420ed3af214f0de875f9","signature_type":"Line","id":"CVE-2017-5985-83473d15","signature_version":"v1"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5985.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}]}