Restricted certificates bypassed in LXD's PKI mode until version 5.21.1
CVE-2024-6219
3.8LOW
Summary
Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.
Affected Version(s)
LXD Linux 0 < 5.21.1
References
CVSS V3.1
Score:
3.8
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published