CVE-2018-6556 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-6556 Interim 1 53 2025-05-17T23:35:33Z current 2021-05-30T14:10:47Z 2025-05-17T23:35:33Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-6556 lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HHGFYQVVRDOYGM5MPESPFRYIO2WR7J6B/#HHGFYQVVRDOYGM5MPESPFRYIO2WR7J6B E-Mail link for openSUSE-SU-2018:2316-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/P7UGXMWDCAJUCRFVZRWEYVPQASYUPVO4/#P7UGXMWDCAJUCRFVZRWEYVPQASYUPVO4 E-Mail link for openSUSE-SU-2019:1227-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YSTSXJMKRPX7DLJOHKBF3X7FO724JMME/#YSTSXJMKRPX7DLJOHKBF3X7FO724JMME E-Mail link for openSUSE-SU-2019:1230-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BJSZ5D42JWJHGJ7ILFBWQ7TUHJTZDYJB/#BJSZ5D42JWJHGJ7ILFBWQ7TUHJTZDYJB E-Mail link for openSUSE-SU-2019:1275-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WXDMOUWCPZXYS5XEOXPTQ25H36J4WPGL/#WXDMOUWCPZXYS5XEOXPTQ25H36J4WPGL E-Mail link for openSUSE-SU-2019:1481-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE CaaS Platform 4.0 SUSE CaaS Platform 4.5 SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Micro 5.0 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Real Time 15 SP2 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Server 11 SP4-LTSS SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Server Business Critical Linux 15 SP1 SUSE Linux Enterprise Server Business Critical Linux 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Manager Proxy 4.0 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Manager Proxy 4.1 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Manager Retail Branch Server 4.0 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Manager Retail Branch Server 4.1 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Manager Server 4.0 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Manager Server 4.1 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Package Hub 15 openSUSE Leap 15.0 openSUSE Tumbleweed liblxc-devel-3.1.0-bp150.5.3.1 liblxc-devel-3.1.0-lp150.2.10.1 liblxc-devel-4.0.9-1.1 liblxc1-3.1.0-bp150.5.3.1 liblxc1-3.1.0-lp150.2.10.1 liblxc1-4.0.9-1.1 lxc lxc-3.1.0-bp150.5.3.1 lxc-3.1.0-lp150.2.10.1 lxc-4.0.9-1.1 lxc-bash-completion-3.1.0-bp150.5.3.1 lxc-bash-completion-3.1.0-lp150.2.10.1 lxc-bash-completion-4.0.9-1.1 lxcfs-3.0.3-bp150.3.3.1 lxcfs-3.0.3-lp150.2.3.1 lxcfs-hooks-lxc-3.0.3-bp150.3.3.1 lxcfs-hooks-lxc-3.0.3-lp150.2.3.1 pam_cgfs-3.1.0-bp150.5.3.1 pam_cgfs-3.1.0-lp150.2.10.1 pam_cgfs-4.0.9-1.1 permissions permissions-zypp-plugin liblxc-devel-3.1.0-bp150.5.3.1 as a component of SUSE Package Hub 15 liblxc1-3.1.0-bp150.5.3.1 as a component of SUSE Package Hub 15 lxc-3.1.0-bp150.5.3.1 as a component of SUSE Package Hub 15 lxc-bash-completion-3.1.0-bp150.5.3.1 as a component of SUSE Package Hub 15 lxcfs-3.0.3-bp150.3.3.1 as a component of SUSE Package Hub 15 lxcfs-hooks-lxc-3.0.3-bp150.3.3.1 as a component of SUSE Package Hub 15 pam_cgfs-3.1.0-bp150.5.3.1 as a component of SUSE Package Hub 15 liblxc-devel-3.1.0-lp150.2.10.1 as a component of openSUSE Leap 15.0 liblxc1-3.1.0-lp150.2.10.1 as a component of openSUSE Leap 15.0 lxc-3.1.0-lp150.2.10.1 as a component of openSUSE Leap 15.0 lxc-bash-completion-3.1.0-lp150.2.10.1 as a component of openSUSE Leap 15.0 lxcfs-3.0.3-lp150.2.3.1 as a component of openSUSE Leap 15.0 lxcfs-hooks-lxc-3.0.3-lp150.2.3.1 as a component of openSUSE Leap 15.0 pam_cgfs-3.1.0-lp150.2.10.1 as a component of openSUSE Leap 15.0 liblxc-devel-4.0.9-1.1 as a component of openSUSE Tumbleweed liblxc1-4.0.9-1.1 as a component of openSUSE Tumbleweed lxc-4.0.9-1.1 as a component of openSUSE Tumbleweed lxc-bash-completion-4.0.9-1.1 as a component of openSUSE Tumbleweed pam_cgfs-4.0.9-1.1 as a component of openSUSE Tumbleweed permissions as a component of SUSE CaaS Platform 4.0 permissions-zypp-plugin as a component of SUSE CaaS Platform 4.0 permissions as a component of SUSE CaaS Platform 4.5 permissions as a component of SUSE Enterprise Storage 6 permissions as a component of SUSE Enterprise Storage 7 permissions as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS permissions-zypp-plugin as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS permissions as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS permissions-zypp-plugin as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS permissions as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS permissions-zypp-plugin as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS permissions as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS permissions-zypp-plugin as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS permissions as a component of SUSE Linux Enterprise Micro 5.0 permissions as a component of SUSE Linux Enterprise Micro 5.1 permissions as a component of SUSE Linux Enterprise Micro 5.2 permissions as a component of SUSE Linux Enterprise Module for Basesystem 15 SP2 permissions-zypp-plugin as a component of SUSE Linux Enterprise Module for Basesystem 15 SP2 permissions as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 permissions-zypp-plugin as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 permissions as a component of SUSE Linux Enterprise Real Time 15 SP2 permissions-zypp-plugin as a component of SUSE Linux Enterprise Real Time 15 SP2 lxc as a component of SUSE Linux Enterprise Server 11 SP1 lxc as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata lxc as a component of SUSE Linux Enterprise Server 11 SP3 lxc as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata lxc as a component of SUSE Linux Enterprise Server 11 SP4-LTSS permissions as a component of SUSE Linux Enterprise Server 15 SP1-LTSS permissions-zypp-plugin as a component of SUSE Linux Enterprise Server 15 SP1-LTSS permissions as a component of SUSE Linux Enterprise Server 15 SP2-LTSS permissions-zypp-plugin as a component of SUSE Linux Enterprise Server 15 SP2-LTSS permissions as a component of SUSE Linux Enterprise Server Business Critical Linux 15 SP1 permissions as a component of SUSE Linux Enterprise Server Business Critical Linux 15 SP2 permissions as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 permissions-zypp-plugin as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 permissions as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 permissions-zypp-plugin as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 permissions as a component of SUSE Manager Proxy 4.0 permissions as a component of SUSE Manager Proxy 4.1 permissions as a component of SUSE Manager Retail Branch Server 4.0 permissions as a component of SUSE Manager Retail Branch Server 4.1 permissions as a component of SUSE Manager Server 4.0 permissions as a component of SUSE Manager Server 4.1 lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2. CVE-2018-6556 SUSE Package Hub 15:liblxc-devel-3.1.0-bp150.5.3.1 SUSE Package Hub 15:liblxc1-3.1.0-bp150.5.3.1 SUSE Package Hub 15:lxc-3.1.0-bp150.5.3.1 SUSE Package Hub 15:lxc-bash-completion-3.1.0-bp150.5.3.1 SUSE Package Hub 15:lxcfs-3.0.3-bp150.3.3.1 SUSE Package Hub 15:lxcfs-hooks-lxc-3.0.3-bp150.3.3.1 SUSE Package Hub 15:pam_cgfs-3.1.0-bp150.5.3.1 openSUSE Leap 15.0:liblxc-devel-3.1.0-lp150.2.10.1 openSUSE Leap 15.0:liblxc1-3.1.0-lp150.2.10.1 openSUSE Leap 15.0:lxc-3.1.0-lp150.2.10.1 openSUSE Leap 15.0:lxc-bash-completion-3.1.0-lp150.2.10.1 openSUSE Leap 15.0:lxcfs-3.0.3-lp150.2.3.1 openSUSE Leap 15.0:lxcfs-hooks-lxc-3.0.3-lp150.2.3.1 openSUSE Leap 15.0:pam_cgfs-3.1.0-lp150.2.10.1 openSUSE Tumbleweed:liblxc-devel-4.0.9-1.1 openSUSE Tumbleweed:liblxc1-4.0.9-1.1 openSUSE Tumbleweed:lxc-4.0.9-1.1 openSUSE Tumbleweed:lxc-bash-completion-4.0.9-1.1 openSUSE Tumbleweed:pam_cgfs-4.0.9-1.1 SUSE CaaS Platform 4.0:permissions SUSE CaaS Platform 4.0:permissions-zypp-plugin SUSE CaaS Platform 4.5:permissions SUSE Enterprise Storage 6:permissions SUSE Enterprise Storage 7:permissions SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:permissions SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:permissions-zypp-plugin SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:permissions SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:permissions-zypp-plugin SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:permissions SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:permissions-zypp-plugin SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:permissions SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:permissions-zypp-plugin SUSE Linux Enterprise Micro 5.0:permissions SUSE Linux Enterprise Micro 5.1:permissions SUSE Linux Enterprise Micro 5.2:permissions SUSE Linux Enterprise Module for Basesystem 15 SP2:permissions SUSE Linux Enterprise Module for Basesystem 15 SP2:permissions-zypp-plugin SUSE Linux Enterprise Module for Basesystem 15 SP3:permissions SUSE Linux Enterprise Module for Basesystem 15 SP3:permissions-zypp-plugin SUSE Linux Enterprise Real Time 15 SP2:permissions SUSE Linux Enterprise Real Time 15 SP2:permissions-zypp-plugin SUSE Linux Enterprise Server 11 SP1 for Teradata:lxc SUSE Linux Enterprise Server 11 SP1:lxc SUSE Linux Enterprise Server 11 SP3 for Teradata:lxc SUSE Linux Enterprise Server 11 SP3:lxc SUSE Linux Enterprise Server 11 SP4-LTSS:lxc SUSE Linux Enterprise Server 15 SP1-LTSS:permissions SUSE Linux Enterprise Server 15 SP1-LTSS:permissions-zypp-plugin SUSE Linux Enterprise Server 15 SP2-LTSS:permissions SUSE Linux Enterprise Server 15 SP2-LTSS:permissions-zypp-plugin SUSE Linux Enterprise Server Business Critical Linux 15 SP1:permissions SUSE Linux Enterprise Server Business Critical Linux 15 SP2:permissions SUSE Linux Enterprise Server for SAP Applications 15 SP1:permissions SUSE Linux Enterprise Server for SAP Applications 15 SP1:permissions-zypp-plugin SUSE Linux Enterprise Server for SAP Applications 15 SP2:permissions SUSE Linux Enterprise Server for SAP Applications 15 SP2:permissions-zypp-plugin SUSE Manager Proxy 4.0:permissions SUSE Manager Proxy 4.1:permissions SUSE Manager Retail Branch Server 4.0:permissions SUSE Manager Retail Branch Server 4.1:permissions SUSE Manager Server 4.0:permissions SUSE Manager Server 4.1:permissions moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N 5.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L