CNNVD-202510-364 Information

CNNVD ID

CNNVD-202510-364

Related CVE

CVE-2025-54288

• CNNVD Published: 2025-10-02

Description (Chinese)

LXD是Canonical开源的一款基于Linux系统用于管理应用程序的容器。 LXD 4.0及之后版本存在安全漏洞，该漏洞源于devLXD服务器存在信息欺骗，可能导致容器冒充和信息泄露。

Description (English)

LXD is an open-source section of Canonical based on the Linux system used to manage applications. There is a security loophole in LXD 4.0 and later versions, which stems from information fraud on the DevLXD server, which may lead to the imposting of containers and the disclosure of information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

科能软件

Published

2025-10-02

Last Modified

2026-02-24

References

https://github.com/canonical/lxd/security/advisories/GHSA-7232-97c6-j525 https://vigilance.fr/vulnerability/Canonical-LXD-Incus-multiple-vulnerabilities-dated-17-10-2025-48518

Patch

https://github.com/canonical/lxd/releases