{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34178", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2026-03-26T09:24:08.449Z", "datePublished": "2026-04-09T09:18:58.404Z", "dateUpdated": "2026-04-09T11:55:20.431Z"}, "containers": {"cna": {"title": "Importing a crafted backup leads to project restriction bypass", "affected": [{"vendor": "Canonical", "product": "lxd", "platforms": ["Linux"], "collectionURL": "https://github.com/canonical", "packageName": "lxd", "repo": "https://github.com/canonical/lxd", "programFiles": ["permissions.go"], "versions": [{"status": "affected", "version": "4.12.0", "lessThan": "5.0.7", "versionType": "semver"}, {"status": "affected", "version": "5.1.0", "lessThan": "5.21.5", "versionType": "semver"}, {"status": "affected", "version": "6.0.0", "lessThan": "6.8.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-20", "description": "CWE-20 Improper input validation", "type": "CWE"}]}], "descriptions": [{"lang": "en", "value": "In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An authenticated remote attacker with instance-creation permission in a restricted project can craft a backup archive where backup.yaml carries restricted settings such as security.privileged=true or raw.lxc directives, bypassing all project restriction enforcement and allowing full host compromise."}], "references": [{"url": "https://github.com/canonical/lxd/security/advisories/GHSA-q96j-3fmm-7fv4", "name": "Importing a crafted backup leads to project restriction bypass", "tags": ["vdb-entry", "vendor-advisory"]}, {"url": "https://github.com/canonical/lxd/pull/17921", "name": "Import: Create backup config from index", "tags": ["patch", "issue-tracking"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "CRITICAL", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "Miha Purg", "type": "finder"}], "source": {"discovery": "INTERNAL"}, "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2026-04-09T09:18:58.404Z"}}, "adp": [{"references": [{"url": "https://github.com/canonical/lxd/security/advisories/GHSA-q96j-3fmm-7fv4", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-09T11:54:57.626476Z", "id": "CVE-2026-34178", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T11:55:20.431Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34178", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-09T11:54:57.626476Z"}}}], "references": [{"url": "https://github.com/canonical/lxd/security/advisories/GHSA-q96j-3fmm-7fv4", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-09T11:54:48.483Z"}}], "cna": {"title": "Importing a crafted backup leads to project restriction bypass", "source": {"discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Miha Purg"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/canonical/lxd", "vendor": "Canonical", "product": "lxd", "versions": [{"status": "affected", "version": "4.12.0", "lessThan": "5.0.7", "versionType": "semver"}, {"status": "affected", "version": "5.1.0", "lessThan": "5.21.5", "versionType": "semver"}, {"status": "affected", "version": "6.0.0", "lessThan": "6.8.0", "versionType": "semver"}], "platforms": ["Linux"], "packageName": "lxd", "programFiles": ["permissions.go"], "collectionURL": "https://github.com/canonical", "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/canonical/lxd/security/advisories/GHSA-q96j-3fmm-7fv4", "name": "Importing a crafted backup leads to project restriction bypass", "tags": ["vdb-entry", "vendor-advisory"]}, {"url": "https://github.com/canonical/lxd/pull/17921", "name": "Import: Create backup config from index", "tags": ["patch", "issue-tracking"]}], "descriptions": [{"lang": "en", "value": "In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An authenticated remote attacker with instance-creation permission in a restricted project can craft a backup archive where backup.yaml carries restricted settings such as security.privileged=true or raw.lxc directives, bypassing all project restriction enforcement and allowing full host compromise."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper input validation"}]}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2026-04-09T09:18:58.404Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34178", "state": "PUBLISHED", "dateUpdated": "2026-04-09T11:55:20.431Z", "dateReserved": "2026-03-26T09:24:08.449Z", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "datePublished": "2026-04-09T09:18:58.404Z", "assignerShortName": "canonical"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An authenticated remote attacker with instance-creation permission in a restricted project can craft a backup archive where backup.yaml carries restricted settings such as security.privileged=true or raw.lxc directives, bypassing all project restriction enforcement and allowing full host compromise."}], "id": "CVE-2026-34178", "lastModified": "2026-04-13T15:02:47.353", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2026-04-09T10:16:21.820", "references": [{"source": "security@ubuntu.com", "url": "https://github.com/canonical/lxd/pull/17921"}, {"source": "security@ubuntu.com", "url": "https://github.com/canonical/lxd/security/advisories/GHSA-q96j-3fmm-7fv4"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/canonical/lxd/security/advisories/GHSA-q96j-3fmm-7fv4"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@ubuntu.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["linux"], "status": "affected", "versions": {"scheme": "semver", "value": "[4.12.0,5.0.7)"}}, {"platform": ["linux"], "status": "affected", "versions": {"scheme": "semver", "value": "[5.1.0,5.21.5)"}}, {"platform": ["linux"], "status": "affected", "versions": {"scheme": "semver", "value": "[6.0.0,6.8.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "lxd", "source": "cna", "vendor": "Canonical"}, "product": "lxd", "vendor": "canonical"}], "analysis": {"en": {"generated_at": "2026-04-09T10:20:42.652087+00:00", "value": {"mitigation_remediation": ["Upgrade Canonical LXD to version 6.8 or newer to apply the vendor fix.", "If an upgrade cannot be performed immediately, restrict or disable backup import functionality for untrusted sources.", "Verify that backup archives are signed or originate from trusted administrators before import."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution and Host Compromise via Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Canonical LXD installations prior to version 6.8. Any deployment running a 6.7 or earlier LXD instance that accepts backup imports from potentially untrusted sources is at risk.", "description_and_impact": "A flaw in Canonical LXD versions before 6.8 allows a backup import to be crafted so that the backup/index.yaml file, which is checked against project restrictions, is not used for validating the instance configuration. The instance is created from backup/container/backup.yaml, which is never subject to the same checks. An authenticated remote attacker with permission to create instances in a restricted project can therefore inject privileged settings such as security.privileged=true or raw.lxc directives, bypassing all project restrictions and enabling full control over the host.", "risk_and_exploitability": "The flaw carries a CVSS score of 9.1, indicating critical severity. Although no EPSS score is available, the attack is feasible for attackers who have valid instance\u2011creation permissions within a restricted project; they can craft a malicious backup archive and trigger the import. The vulnerability is not listed in the CISA KEV catalog, but the potential for complete host compromise makes the risk high regardless of exploit campaign activity."}}}}, "created": "2026-04-10T08:53:52.489857+00:00", "updated": "2026-04-10T09:33:02.559538+00:00", "vendors": ["canonical", "canonical$PRODUCT$lxd"]}