CNNVD-202510-351 Information

CNNVD ID

CNNVD-202510-351

Related CVE

CVE-2025-54293

• CNNVD Published: 2025-10-02

Description (Chinese)

LXD是Canonical开源的一款基于Linux系统用于管理应用程序的容器。 LXD 5.0 LTS版本存在安全漏洞，该漏洞源于日志文件检索功能存在路径遍历，可能导致读取主机系统上的任意文件。

Description (English)

LXD is an open-source section of Canonical based on the Linux system used to manage applications. There is a security loophole in the LXD 5.0 LTS version, which stems from the existence of a path through the log file search, which may lead to the reading of any files on the host system.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

科能软件

Published

2025-10-02

Last Modified

2026-02-24

References

https://github.com/canonical/lxd/security/advisories/GHSA-472f-vmf2-pr3h https://vigilance.fr/vulnerability/Canonical-LXD-Incus-multiple-vulnerabilities-dated-17-10-2025-48518

Patch

https://github.com/canonical/lxd