CVE-2022-47952

LOW
Published Jan 1, 20233y ago · Modified Jun 17, 20262w ago
3.3 CVSS 3.1
Low
Find Similar
Published Jan 1, 2023 3y ago
Last Modified Jun 17, 2026 2w ago

Description

lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates that a file exists. NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556 fix design was based on the premise that "we will report back to the user that the open() failed but the user has no way of knowing why it failed"; however, in many realistic cases, there are no plausible reasons for failing except that the file does not exist.

CVSS Details

Base Score
3.3
Exploitability
1.8
Impact
1.4
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity None
Availability None

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-203

Affected Products 1

VendorProductVersionRange
linuxcontainerslxc* ≤5.0.1

References 5

  • bugs.launchpad.net https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591/comments/45
    Issue TrackingVendor Advisory
  • github.com https://github.com/MaherAzzouzi/CVE-2022-47952
    Third Party Advisory
  • github.com https://github.com/lxc/lxc/blob/0b83d71c2c8f3bac9503f894cd84584f79258bb3/lxc.spec.in#L274
    Third Party Advisory
  • github.com https://github.com/lxc/lxc/blob/0b83d71c2c8f3bac9503f894cd84584f79258bb3/src/lxc/cmd/lxc_user_nic.c#L1085-L1104
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2023/08/msg00025.html

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.