CVE-2016-8649

lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host’s /proc, to access the rest of the host’s filesystem via the openat() family of syscalls.

Date published : 2017-05-01

http://www.securityfocus.com/bid/94498

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845465