Restricted certificates bypassed in LXD's PKI mode until version 5.21.1
CVE-2024-6219

3.8LOW

Key Information:

Vendor

Canonical Ltd.

Status
Lxd
Vendor
CVE Published:
6 December 2024

What is CVE-2024-6219?

Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.

Affected Version(s)

LXD Linux 0 < 5.21.1

References

https://github.com/canonical/lxd/security/advisories/GHSA...
issue-tracking
https://www.cve.org/CVERecord?id=CVE-2024-6219
issue-tracking

CVSS V3.1

Score:
3.8
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

.
CVE-2024-6219 : Restricted certificates bypassed in LXD's PKI mode until version 5.21.1