CVE-2026-34179 – Canonical LXD
“Break the container once, and the host is no longer yours.”
This patch addresses multiple critical vulnerabilities in Canonical’s LXD that undermine container isolation and expose the host system to compromise. These issues affect how LXD enforces boundaries between containers and the underlying host, creating a path for attackers to escalate privileges and potentially take full control of the environment.
CVE-2026-34177, CVE-2026-34178 and CVE-2026-34179 each have a CVSS score of 9.1, which is Critical severity. All three vulnerabilities present a serious risk to systems running LXD in production, especially in multi-tenant or cloud environments.
Public proof-of-concept code is available for these vulnerabilities, increasing the likelihood of exploitation and making rapid patching essential to maintain system integrity.
Key Details
- Affected Product: Canonical LXD
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: High
- User Interaction: None
- CWE Classification: CWE-915