Canonical: >> Lxd >> 5.0.4 Security Vulnerabilities
Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.
CVSS Score
3.8
EPSS Score
0.0
Published
2024-12-06
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-02-14