CNNVD-202506-3137 Information
CNNVD ID
CNNVD-202506-3137
Related CVE
- CNNVD Published: 2025-06-25
Description (Chinese)
Incus是LXC开源的一个系统容器和虚拟机管理器。 Incus 6.12版本和6.13版本存在安全漏洞,该漏洞源于nftables规则部分绕过安全选项,可能导致DHCP池耗尽。
Description (English)
Incus is a system container and virtual machine manager at the LXC open source. Incus 6.12 and 6.13, there is a security loophole, which stems from the partial circumvention of the security options of the nonftables rules, which could lead to the depletion of the DHCP pool.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
LXC
Published
2025-06-25
Last Modified
2026-02-24
References
https://github.com/lxc/incus/commit/2516fb19ad8428454cb4edfe70c0a5f0dc1da214 https://github.com/lxc/incus/security/advisories/GHSA-9q7c-qmhm-jv86 https://github.com/lxc/incus/commit/a7c33301738aede3c035063e973b1d885d9bac7c https://nvd.nist.gov/vuln/detail/CVE-2025-52889 https://access.redhat.com/security/cve/cve-2025-52889
Patch
https://github.com/lxc/incus/releases
Share on: