cpe:/a:linuxcontainers:lxc:2.0.0:rc1 CVE-2016-10124 2017-01-09T03:59:00.153-05:00 2017-11-12T21:29:00.227-05:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2017-01-10T11:21:54.173-05:00 BID 95404 GENTOO GLSA-201711-09 MISC http://www.openwall.com/lists/oss-security/2014/12/15/5 MISC http://www.openwall.com/lists/oss-security/2015/09/03/5 CONFIRM https://github.com/lxc/lxc/commit/e986ea3dfa4a2957f71ae9bfaed406dd6e1ffff6 An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the container.