Privilege Escalation Vulnerability in Canonical LXD Virtual Machine Instances
CVE-2026-34177

CVSS 9.1 CRITICAL

Key Information:

Vendor: Canonical
Status: Vendor
CVE Published: 9 April 2026

What is CVE-2026-34177?

The affected versions of Canonical LXD contain an authorization flaw: an incomplete denylist in the permissions system allows a remote attacker with editing permissions to inject unauthorized AppArmor rules and QEMU character device configurations. By exploiting this flaw, attackers can gain elevated privileges, potentially escalating to LXD cluster administrator access and even compromising root access on the host system. The incomplete denylist therefore poses a significant risk to the integrity and security of the virtual machine environments.

Affected Version(s)

  • lxd (Linux) 4.12.0 ≤ version < 5.0.7
  • lxd (Linux) 5.1.0 ≤ version < 5.21.5
  • lxd (Linux) 6.0.0 ≤ version < 6.8.0
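A quick "is this host affected?" check against the three ranges above, as an added example (not part of the advisory or of LXD itself). It assumes the version text has the form X.Y.Z, optionally followed by tokens such as "LTS", and that `lxd --version` prints that text on stdout; both are assumptions, not details from the advisory.

```python
import re
import subprocess

# Affected ranges copied from the advisory: lower bound inclusive, upper bound
# exclusive (the upper bound is the first release the advisory does not list).
AFFECTED_RANGES = (
    ((4, 12, 0), (5, 0, 7)),
    ((5, 1, 0), (5, 21, 5)),
    ((6, 0, 0), (6, 8, 0)),
)

def parse_version(text):
    """Extract the leading X.Y[.Z] triple; trailing tokens such as 'LTS' or a
    snap suffix are ignored (assumed output shapes, not from the advisory)."""
    m = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised LXD version: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))

def is_affected(version):
    """True if the version lies inside any affected range."""
    v = parse_version(version)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)

def fixed_release_for(version):
    """First release of the same series outside the affected range, or None
    when the version is not affected."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if lo <= v < hi:
            return ".".join(map(str, hi))
    return None

def check_local_host():
    """Run `lxd --version` (assumed to print the version on stdout) and return
    (version_text, affected), or None if lxd is not installed."""
    try:
        proc = subprocess.run(["lxd", "--version"], capture_output=True,
                              text=True, check=True)
    except (FileNotFoundError, subprocess.CalledProcessError):
        return None
    return proc.stdout.strip(), is_affected(proc.stdout)

if __name__ == "__main__":
    res = check_local_host()
    print("lxd not found on this host" if res is None else
          f"lxd {res[0]}: " + (f"AFFECTED, upgrade to {fixed_release_for(res[0])}"
                                if res[1] else "not in an affected range"))
```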

CVSS V3.1

Score: 9.1
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published
  • Vulnerability reserved

Credit

Miha Purg