GSA-6370-1: Critical Incus Security Update
Gnoppix Security has released a security update for Incus, the container and virtual machine manager. The update fixes a vulnerability that could allow local privilege escalation.
The Vulnerability
The flaw is a race condition in Incus’s handling of file descriptors during container startup. An attacker with limited access to a container could exploit this to gain root privileges on the host system.
Affected Versions
- Gnoppix 23/25 (bookworm) – All Incus packages prior to version 0.6-3+deb12u1.
- Gnoppix 25 (trixie) – All Incus packages prior to version 0.7-2.
Mitigation
Action Required: Upgrade Incus immediately. No workaround exists.
How to Update
Run the following commands as root:
apt update && apt upgrade incus
After upgrade, restart the Incus daemon:
systemctl restart incus
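To confirm a host is past the fixed versions listed under Affected Versions, the following added example (not part of the Gnoppix advisory) compares an installed package version against them using Debian's version-ordering rules, which plain string comparison gets wrong for revisions such as `+deb12u1`. It assumes the package is named `incus`, as in the apt command above, and that `/etc/os-release` reports `VERSION_CODENAME` as `bookworm` or `trixie`.

```python
import re
import subprocess

# Fixed versions from the advisory, keyed by release codename.
FIXED = {"bookworm": "0.6-3+deb12u1", "trixie": "0.7-2"}

def _order(ch):
    # dpkg ordering: '~' sorts first, then letters, then other symbols.
    return -1 if ch == "~" else ord(ch) if ch.isalpha() else ord(ch) + 256

def _cmp_part(a, b):
    # Compare alternating non-digit and digit runs, as dpkg does.
    while a or b:
        na, da, a = re.match(r"([^0-9]*)([0-9]*)(.*)", a, re.S).groups()
        nb, db, b = re.match(r"([^0-9]*)([0-9]*)(.*)", b, re.S).groups()
        for i in range(max(len(na), len(nb))):
            x = _order(na[i]) if i < len(na) else 0
            y = _order(nb[i]) if i < len(nb) else 0
            if x != y:
                return -1 if x < y else 1
        if int(da or 0) != int(db or 0):
            return -1 if int(da or 0) < int(db or 0) else 1
    return 0

def _split(v):
    # Split "[epoch:]upstream[-revision]" into its three fields.
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, _, rev = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, rev

def deb_cmp(a, b):
    """Return -1, 0 or 1 as Debian version a is older, equal or newer than b."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def is_vulnerable(codename, installed):
    """True if the installed version predates the fix for this release."""
    return deb_cmp(installed, FIXED[codename]) < 0

if __name__ == "__main__":
    # Assumptions: package name "incus" (from the apt command above) and
    # VERSION_CODENAME=bookworm or trixie in /etc/os-release.
    osr = dict(l.strip().split("=", 1) for l in open("/etc/os-release") if "=" in l)
    code = osr.get("VERSION_CODENAME", "").strip('"')
    ver = subprocess.run(["dpkg-query", "-W", "-f=${Version}", "incus"],
                         capture_output=True, text=True).stdout.strip()
    if code in FIXED and ver:
        print(code, ver, "VULNERABLE" if is_vulnerable(code, ver) else "fixed")
```

Run it after the upgrade and the daemon restart; it prints nothing when Incus is not installed or the release is not one the advisory lists.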
Impact
Successful exploitation allows complete host compromise from within an unprivileged container. Please update your systems.