Vulnerability Details CVE-2016-1581
LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.3%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
Products affected by CVE-2016-1581
-
cpe:2.3:a:canonical:lxd:2.0.1
-
cpe:2.3:o:canonical:ubuntu_linux:15.10
-
cpe:2.3:o:canonical:ubuntu_linux:16.04