<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>LXC - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/vendors/lxc/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Fri, 03 Jul 2026 10:40:37 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/vendors/lxc/feed.xml" rel="self" type="application/rss+xml"/><item><title>Incus Container Escape via Arbitrary File Read/Write (CVE-2026-48749)</title><link>https://feed.craftedsignal.io/briefs/2026-07-incus-arbitrary-file-afrw/</link><pubDate>Fri, 03 Jul 2026 10:40:37 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-incus-arbitrary-file-afrw/</guid><description>A critical vulnerability, CVE-2026-48749, in Incus allows an attacker to achieve arbitrary file read and write on the host filesystem with root privileges by crafting a malicious container image containing a symlink, bypassing validation, and potentially leading to arbitrary command execution.</description><content:encoded><![CDATA[<p>A critical vulnerability, tracked as CVE-2026-48749, has been identified in Incus, a container and VM management system developed by LXC. This flaw enables a malicious actor to achieve arbitrary file read and write capabilities on the host system with root privileges, potentially escalating to full command execution. The vulnerability arises from Incus's handling of specially crafted container images, specifically when a duplicate top-level <code>rootfs</code> symlink is present. While Incus initially validates <code>metadata.yaml</code> and a normal <code>rootfs/</code> entry, it subsequently processes a symlink like <code>rootfs -&gt; /</code>, allowing a container's root filesystem to be mapped directly to the host's root. This bypasses container isolation, granting the attacker unauthorized access to the host's underlying filesystem and sensitive files such as <code>/etc/shadow</code>, affecting Incus versions prior to 7.2.0.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An attacker crafts a malicious Incus image package (<code>.tar</code> file) that initially contains a valid <code>metadata.yaml</code> and an empty <code>rootfs/</code> directory.</li>
<li>The attacker then manipulates the <code>.tar</code> archive by removing the legitimate <code>rootfs/</code> directory.</li>
<li>A symbolic link named <code>rootfs</code> pointing to <code>/</code> (the host's root directory) is injected into the archive at the top level.</li>
<li>The malicious image (<code>afrw-rootfs-symlink.tar</code>) is imported into a vulnerable Incus instance using <code>incus image import</code>.</li>
<li>A new container is initialized from this malicious image using <code>incus init afrw-rootfs-symlink afrw-rootfs-symlink</code>.</li>
<li>The attacker uses <code>incus file pull</code> commands, targeting paths like <code>/etc/shadow</code> from within the created container, to read arbitrary files from the host filesystem.</li>
<li>The attacker uses <code>incus file push</code> commands to write or create arbitrary files on the host filesystem.</li>
<li>Successful arbitrary file read/write with root privileges can lead to host compromise, including privilege escalation or arbitrary command execution.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-48749 leads to arbitrary file read and write on the host system with root privileges. This means an attacker can access any file on the host, including sensitive system configuration files (e.g., <code>/etc/shadow</code> for password hashes) or application data. Furthermore, the ability to write arbitrary files allows for planting malicious executables, modifying critical system configurations, or establishing persistence mechanisms. Ultimately, this can lead to full host compromise, enabling arbitrary command execution, data exfiltration, system defacement, or further lateral movement within the compromised environment. The vulnerability impacts organizations utilizing Incus for containerization and could lead to significant data breaches or operational disruption.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Prioritize patching all Incus instances to version 7.2.0 or later immediately to remediate CVE-2026-48749.</li>
<li>Review Incus image origins and implement strict controls to prevent the import of untrusted or malicious container images.</li>
<li>Monitor Incus server logs for unusual image import attempts or unexpected file operations performed via <code>incus file</code> commands originating from newly provisioned containers.</li>
</ul>
]]></content:encoded><category domain="severity">critical</category><category domain="type">advisory</category><category>container-escape</category><category>privilege-escalation</category><category>vulnerability-exploitation</category><category>linux</category></item><item><title>Incus Restricted Project Bypass Leading to Arbitrary Command Execution (CVE-2026-48751)</title><link>https://feed.craftedsignal.io/briefs/2026-07-incus-rce-restricted-project-bypass/</link><pubDate>Fri, 03 Jul 2026 10:38:26 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-incus-rce-restricted-project-bypass/</guid><description>A critical vulnerability, CVE-2026-48751, in Incus versions prior to 7.2.0, allows an attacker to bypass restricted project settings via malicious instance snapshots, enabling arbitrary command execution with root privileges on the Incus server by abusing low-level hooks.</description><content:encoded><![CDATA[<p>A critical vulnerability (CVE-2026-48751) has been identified in Incus, affecting all versions prior to 7.2.0. This flaw allows a malicious actor to achieve arbitrary command execution with root privileges on the Incus server. The vulnerability stems from instance snapshots ignoring the <code>restricted.containers.lowlevel=block</code> setting. Attackers can craft a malicious Incus instance locally, integrate a snapshot configured to abuse low-level hooks like <code>raw.lxc</code> or <code>raw.qemu</code>, and then transfer this instance to a restricted project. When the malicious snapshot is restored within the restricted environment, the embedded commands are executed on the host, bypassing intended security controls. This allows for complete compromise of the Incus host, enabling persistent access, data exfiltration, or further lateral movement within the network.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li><strong>Initial Setup (Attacker)</strong>: The attacker creates a local Incus instance (e.g., <code>images:debian/trixie</code>) in an unrestricted project on their own system.</li>
<li><strong>Malicious Hook Injection</strong>: The attacker injects a malicious low-level hook into the local Incus instance's configuration, specifically using <code>raw.lxc</code> or <code>raw.qemu</code>. For example, <code>incus config set rce-raw-lxc raw.lxc='lxc.hook.pre-start = /bin/sh -c &quot;/bin/id &gt;/lxc-hook-prestart&quot;'</code>.</li>
<li><strong>Snapshot Creation</strong>: A snapshot of the now-malicious local instance is created (e.g., <code>incus snapshot create rce-raw-lxc snap0</code>). This snapshot captures the injected malicious hook.</li>
<li><strong>Hook Removal (Optional but Recommended)</strong>: The attacker removes the <code>raw.lxc</code> configuration from the local instance to allow for transfer to the restricted project without immediate detection or conflict.</li>
<li><strong>Instance Transfer</strong>: The malicious instance with its snapshot is moved from the attacker's local, unrestricted environment to a remote Incus server's restricted project (e.g., <code>incus move rce-raw-lxc rem: --mode push</code>).</li>
<li><strong>Snapshot Restoration</strong>: The attacker restores the malicious snapshot within the restricted project on the remote Incus server (e.g., <code>incus snapshot restore rem:rce-raw-lxc snap0</code>). Despite <code>restricted.containers.lowlevel=block</code> being active on the remote project, the snapshot restoration process bypasses this control.</li>
<li><strong>Command Execution</strong>: Upon starting the instance from the restored snapshot (e.g., <code>incus start rem:rce-raw-lxc</code>), the pre-start hook embedded in the snapshot executes the arbitrary command (e.g., <code>/bin/id</code>) on the Incus host with root privileges.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-48751 leads to a complete bypass of Incus project restrictions, specifically the <code>restricted.containers.lowlevel=block</code> setting designed to prevent such abuses. This directly results in arbitrary command execution on the underlying Incus server, granting an attacker root privileges. Such compromise allows for full control over the host system, potentially enabling further network infiltration, data exfiltration, service disruption, or the deployment of additional malicious payloads. While specific victim counts are not available, all Incus instances running vulnerable versions prior to 7.2.0 are at risk, particularly those hosting untrusted containers or users in restricted projects.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Immediately patch Incus instances to version 7.2.0 or later to remediate CVE-2026-48751.</li>
<li>Deploy the provided Sigma rule to detect attempts to configure low-level Incus hooks, which indicates potential exploitation of CVE-2026-48751.</li>
<li>Enable comprehensive <code>process_creation</code> logging for Linux systems to capture <code>incus</code> command executions and the execution of arbitrary commands.</li>
</ul>
]]></content:encoded><category domain="severity">critical</category><category domain="type">advisory</category><category>container-security</category><category>linux</category><category>privilege-escalation</category><category>rce</category><category>incus</category></item><item><title>Incus Argument Injection Vulnerability Leads to Arbitrary File Write and Command Execution</title><link>https://feed.craftedsignal.io/briefs/2026-07-incus-argument-injection-afw-ace/</link><pubDate>Fri, 03 Jul 2026 10:35:11 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-incus-argument-injection-afw-ace/</guid><description>An argument injection vulnerability (CVE-2026-48755) exists in Incus due to improper validation of the user-provided backup compression algorithm, allowing an authenticated attacker to inject arbitrary arguments into the command line, leading to an arbitrary file write on the host and subsequent arbitrary command execution.</description><content:encoded><![CDATA[<p>A critical vulnerability, CVE-2026-48755, affects Incus versions prior to 7.2.0, stemming from an argument injection flaw in its backup compression algorithm processing. The flaw allows an authenticated attacker to manipulate the <code>compression_algorithm</code> parameter, injecting arbitrary command-line arguments into the <code>zstd</code> compressor execution. This enables an arbitrary file write (AFW) operation on the host system where Incus is running. Attackers can leverage this AFW to write malicious content to sensitive locations, such as cron job directories (<code>/etc/cron.d/</code>), thereby achieving arbitrary command execution (ACE). This vulnerability is particularly dangerous as it provides a pathway from a compromised Incus instance to full system compromise of the host. Defenders should prioritize patching and monitoring for suspicious <code>zstd</code> command executions and unexpected file writes in system configuration paths.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An authenticated attacker (e.g., a user with Incus client certificate access to the API) gains control over an Incus instance.</li>
<li>The attacker uploads a malicious payload (e.g., a reverse shell script or system command) into the compromised Incus instance, accessible from the host filesystem.</li>
<li>The attacker crafts a malicious <code>compression_algorithm</code> string containing argument injection payloads, such as <code>zstd -d -f --pass-through -o /etc/cron.d/incus-zstd-rce -- /var/lib/incus/.../payload</code>.</li>
<li>The attacker initiates a direct backup request to the Incus API for the compromised instance, specifying the crafted malicious <code>compression_algorithm</code>.</li>
<li>Incus, due to improper validation, constructs and executes a command similar to <code>exec.Command(&quot;zstd&quot;, &quot;-c&quot;, &quot;-d&quot;, &quot;-f&quot;, &quot;--pass-through&quot;, &quot;-o&quot;, &quot;/etc/cron.d/incus-zstd-rce&quot;, &quot;--&quot;, &quot;/var/lib/incus/.../payload&quot;)</code>.</li>
<li>The <code>zstd</code> command's argument injection leads to an arbitrary file write, copying the attacker-controlled payload from within the Incus instance to <code>/etc/cron.d/incus-zstd-rce</code> on the host system.</li>
<li>The newly created cron job on the host system is executed by the cron daemon at the specified interval, resulting in arbitrary command execution on the Incus host.</li>
<li>The executed command establishes persistence or performs further malicious actions, such as data exfiltration or deploying additional malware.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>The successful exploitation of CVE-2026-48755 leads to an arbitrary file write on the host operating system, which attackers can immediately leverage for arbitrary command execution. This allows a privileged user within an Incus instance to escalate privileges to root on the underlying host, circumventing containerization. Such a compromise grants the attacker full control over the Incus host, potentially impacting all other instances running on that server, and facilitating lateral movement within the network. This vulnerability affects Incus users running versions prior to 7.2.0, with potential for widespread compromise in environments where Incus is used for virtualization or container management.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Patch CVE-2026-48755 by upgrading all Incus installations to version 7.2.0 or higher immediately.</li>
<li>Deploy the provided Sigma rule &quot;CVE-2026-48755: Incus Zstd Argument Injection Attempt&quot; to your SIEM to detect suspicious execution of <code>zstd</code> with potential argument injection patterns.</li>
<li>Enable <code>process_creation</code> logging for Linux systems to capture command-line arguments of processes like <code>zstd</code>.</li>
<li>Monitor for the creation of new files in system cron directories, specifically <code>/etc/cron.d/incus-zstd-rce</code>, using file integrity monitoring or <code>file_event</code> logging, as this indicates a successful arbitrary file write.</li>
<li>Block the arbitrary file write target <code>/etc/cron.d/incus-zstd-rce</code> from being created by non-system processes if possible, or create a <code>file_event</code> rule to alert on its creation.</li>
</ul>
]]></content:encoded><category domain="severity">critical</category><category domain="type">advisory</category><category>argument-injection</category><category>arbitrary-file-write</category><category>remote-code-execution</category><category>container-escape</category><category>linux</category></item><item><title>Incus Client Arbitrary File Write via Malicious Image Hash (CVE-2026-48769)</title><link>https://feed.craftedsignal.io/briefs/2026-07-incus-arbitrary-file-write/</link><pubDate>Fri, 03 Jul 2026 10:34:05 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-incus-arbitrary-file-write/</guid><description>A critical arbitrary file write vulnerability (CVE-2026-48769) exists in the Incus client daemon (`incusd`) when processing images from a malicious server, allowing an attacker to inject path traversal into the `Incus-Image-Hash` header to create arbitrary files in sensitive locations as root, ultimately leading to arbitrary command execution.</description><content:encoded><![CDATA[<p>A critical arbitrary file write vulnerability, tracked as CVE-2026-48769, affects the Incus client daemon (<code>incusd</code>) versions prior to 7.2.0. This flaw stems from improper validation of the <code>Incus-Image-Hash</code> HTTP header when <code>incusd</code> imports an image from a remote URL. A malicious Incus image server can craft this header to include path traversal sequences (e.g., <code>../../../../etc/cron.d/</code>), tricking <code>incusd</code> into writing an arbitrary file to a sensitive location on the host system with root privileges. By leveraging this to create a cron job (e.g., <code>/etc/cron.d/incus-direct-image-url-rce</code>), an attacker can achieve arbitrary command execution as root, leading to full system compromise and privilege escalation. This vulnerability poses a significant risk to Incus environments where image imports from untrusted sources are permitted.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An attacker sets up a malicious Incus image server controlled by them.</li>
<li>The victim's Incus server (<code>incusd</code> daemon) is instructed to import an image using a user-supplied URL pointing to the attacker-controlled server (e.g., via <code>incus image import &lt;malicious_URL&gt;</code>).</li>
<li><code>incusd</code> initiates a HEAD request to the attacker's server to retrieve image metadata.</li>
<li>The malicious server responds with a crafted <code>Incus-Image-Hash</code> HTTP header containing a path traversal sequence (e.g., <code>../../../../etc/cron.d/incus-direct-image-url-rce</code>) and an <code>Incus-Image-URL</code> header pointing to the malicious payload.</li>
<li><code>incusd</code> processes these headers, and its <code>imageDownload()</code> function constructs a file path by combining <code>/var/lib/incus/images/</code> with the attacker-supplied hash. Due to the path traversal, this resolves to a sensitive system path, such as <code>/etc/cron.d/incus-direct-image-url-rce</code>.</li>
<li><code>incusd</code> invokes <code>os.Create()</code> on this crafted path, creating the arbitrary file <code>/etc/cron.d/incus-direct-image-url-rce</code> with root privileges.</li>
<li><code>incusd</code> then makes a GET request to the <code>Incus-Image-URL</code> provided by the attacker and writes the malicious content (e.g., a cron job command <code>* * * * * root /bin/sh -c &quot;id &gt; /tmp/incus-direct-image-url-rce&quot;</code>) into the newly created file.</li>
<li>The host system's cron daemon subsequently executes the newly installed cron job, resulting in arbitrary command execution as root, enabling the attacker to gain full control over the Incus server.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-48769 allows an attacker to achieve an arbitrary file write on the Incus host system with root privileges. This directly leads to arbitrary command execution by writing malicious cron jobs or other configuration files, effectively compromising the entire server. This includes potential for data exfiltration, further lateral movement, or installation of persistent backdoors. Systems running Incus versions prior to 7.2.0 that import images from untrusted sources are at severe risk of compromise. While no specific victim counts are detailed, any organization utilizing vulnerable Incus deployments is susceptible.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Patch CVE-2026-48769 immediately by upgrading Incus to version 7.2.0 or later on all affected Linux servers.</li>
<li>Deploy the Sigma rule in this brief to your SIEM to detect suspicious file creations by the <code>incusd</code> process in sensitive system directories.</li>
<li>Implement strict controls over which Incus image servers are trusted and limit the ability of non-administrative users to import images from arbitrary URLs.</li>
<li>Enable comprehensive file system logging (e.g., auditd for Linux) to detect unexpected file creations or modifications in sensitive directories like <code>/etc/cron.d/</code>.</li>
</ul>
]]></content:encoded><category domain="severity">critical</category><category domain="type">advisory</category><category>arbitrary-file-write</category><category>path-traversal</category><category>rce</category><category>incus</category><category>linux</category><category>cve</category></item></channel></rss>