CVE Catalog

CVE-2026-12411

HighCVSS 8.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

1th percentile — higher than 1% of all known CVEs

Summary

A Broken Access Control vulnerability in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled.

Risk Assessment

The organization faces a breach of isolation between LXD guests, potentially leading to data leakage, modification, or corruption, and possible escalation of attacks to other containers.

Recommendation

Immediately disable the security.devlxd.management.volumes option if not required, and apply the available security patch from Canonical for LXD.

Original NVD description (English source)

Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS