Description
Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g. a member of the ‘incus’ group) to use directory traversal or symbolic links in the templating functionality to achieve arbitrary file read and arbitrary file write on the host. This ultimately results in arbitrary command execution on the host. When using an image with a metadata.yaml containing templates, neither the source nor the target path is checked for symbolic links or directory traversal. This can also be exploited in IncusOS. A fix is planned for versions 6.0.6 and 6.21.0, but they have not been released at the time of publication.
Published: 2026-01-22
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary host code execution via image templating
Action: Apply patch
AI Analysis

Impact

Incus, a system container and VM manager, allows users who can launch containers with custom images to use directory traversal or symbolic links in the templating mechanism, resulting in arbitrary file read and write on the host. This flaw, which is a case of CWE‑22 Path Traversal, can be leveraged to execute commands on the host, compromising confidentiality, integrity, and availability at the system level.

Affected Systems

The vulnerability affects the LinuxContainers Incus product, versions 6.21.0 and earlier, including IncusOS deployments. The flaw is present when an image contains a metadata.yaml file with template definitions that are not validated for traversal or symlink usage.
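The weakness described above is the absence of a containment check when an untrusted, image-supplied template path is mapped onto the container's root filesystem on the host. The following Go helper is an added illustration of that check, written for this page; it is not Incus's code, not the patch referenced below, and the function name SafeJoin and the temporary directory standing in for a container rootfs are assumptions. It rejects any ".." component and refuses to follow a symlink in any component that already exists on disk, so both a template's source path and its target path can be passed through it before a file is read or written.

```go
package main

import (
	"errors"
	"fmt"
	"log"
	"os"
	"path/filepath"
	"strings"
)

// SafeJoin maps an untrusted, container-relative path (as found in an
// image's metadata.yaml templates) onto the host directory holding the
// container's root filesystem. It returns an error if the path contains a
// parent-directory component or if any already-existing component is a
// symbolic link, since a symlink shipped in the image could point anywhere
// on the host. Components that do not exist yet are accepted because, with
// ".." excluded, anything created there stays under root.
func SafeJoin(root, untrusted string) (string, error) {
	for _, part := range strings.Split(filepath.ToSlash(untrusted), "/") {
		if part == ".." {
			return "", fmt.Errorf("path %q contains a parent-directory component", untrusted)
		}
	}
	// Treat the template path as rooted at the container's "/": normalise it
	// as an absolute path, then strip the leading separator so it is joined
	// under root rather than replacing it.
	rel := strings.TrimLeft(filepath.Clean("/"+untrusted), "/")
	if rel == "" {
		return "", fmt.Errorf("path %q resolves to the container root itself", untrusted)
	}
	parts := strings.Split(rel, "/")
	current := root
	for i, part := range parts {
		current = filepath.Join(current, part)
		info, err := os.Lstat(current) // Lstat: never follow the link we are inspecting
		if errors.Is(err, os.ErrNotExist) {
			// Nothing below this point exists; append the remaining components lexically.
			return filepath.Join(append([]string{current}, parts[i+1:]...)...), nil
		}
		if err != nil {
			return "", err
		}
		if info.Mode()&os.ModeSymlink != 0 {
			return "", fmt.Errorf("path %q traverses symbolic link %q", untrusted, current)
		}
	}
	return current, nil
}

func main() {
	// Constructed sample rootfs: a temporary directory with an /etc directory
	// and a symlink named "hostfs" that points at the host's "/".
	root, err := os.MkdirTemp("", "rootfs-")
	if err != nil {
		log.Fatal(err)
	}
	defer os.RemoveAll(root)
	if err := os.MkdirAll(filepath.Join(root, "etc"), 0o755); err != nil {
		log.Fatal(err)
	}
	if err := os.Symlink("/", filepath.Join(root, "hostfs")); err != nil {
		log.Fatal(err)
	}
	// Constructed template targets: two benign ones, one traversal, one via symlink.
	for _, target := range []string{"/etc/hostname", "var/lib/new/file", "../../etc/passwd", "/hostfs/etc/passwd"} {
		resolved, err := SafeJoin(root, target)
		if err != nil {
			fmt.Printf("%-22s rejected: %v\n", target, err)
			continue
		}
		fmt.Printf("%-22s -> %s\n", target, resolved)
	}
}
```

The check is a lexical-plus-Lstat walk and is therefore subject to a race if another process can modify the rootfs between the check and the actual open; where that matters, the same containment policy should be enforced by the kernel at open time (for example openat2 with RESOLVE_IN_ROOT on Linux) or by a library built for that purpose, rather than by a separate validation step.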

Risk and Exploitability

The assigned CVSS score of 8.7 indicates a high severity. The EPSS score is below 1%, suggesting low current exploitation probability, and the vulnerability is not listed in CISA’s KEV catalog. Exploitation requires local access to start a container and membership in the incus group, and involves crafting a template image that points to arbitrary host paths. Attackers who can meet these conditions can read sensitive files or overwrite critical configuration, leading to arbitrary command execution on the host.

Generated by OpenCVE AI on April 18, 2026 at 15:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Incus to a released version that includes the fix (6.0.6 or 6.21.0) as soon as it becomes available.
  • Apply the community‑provided patch file (templates_arbitrary_write.patch) to correct the path validation in the templating logic if an upgrade is not immediately possible.
  • Restrict incus group membership or disable the templating feature for untrusted users to remove the local privilege needed to exploit the flaw.


Advisories
Source        ID                    Title
Debian DSA    DSA-6109-1            incus security update
Debian DSA    DSA-6153-1            lxd security update
Github GHSA   GHSA-7f67-crqm-jgh7   Incus container image templating arbitrary host file read and write
History

Fri, 30 Jan 2026 17:30:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Linuxcontainers
                                       Linuxcontainers incus
CPEs                                   cpe:2.3:a:linuxcontainers:incus:*:*:*:*:*:*:*:*
Vendors & Products                     Linuxcontainers
                                       Linuxcontainers incus

Mon, 26 Jan 2026 22:15:00 +0000

Type                  Values Removed   Values Added
Metrics                                ssvc
                                       {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 23 Jan 2026 16:45:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Lxc
                                       Lxc incus
Vendors & Products                     Lxc
                                       Lxc incus

Thu, 22 Jan 2026 23:00:00 +0000

Type                  Values Removed   Values Added
Description                            Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g a member of the ‘incus’ group) to use directory traversal or symbolic links in the templating functionality to achieve host arbitrary file read, and host arbitrary file write. This ultimately results in arbitrary command execution on the host. When using an image with a metadata.yaml containing templates, both the source and target paths are not checked for symbolic links or directory traversal. This can also be exploited in IncusOS. A fix is planned for versions 6.0.6 and 6.21.0, but they have not been released at the time of publication.
Title                                  Incus container image templating arbitrary host file read and write
Weaknesses                             CWE-22
References
Metrics                                cvssV3_1
                                       {'score': 8.7, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-26T21:02:48.738Z

Reserved: 2026-01-19T14:49:06.312Z

Link: CVE-2026-23954

Vulnrichment

Updated: 2026-01-26T21:02:44.533Z

NVD

Status : Analyzed

Published: 2026-01-22T22:16:20.833

Modified: 2026-01-30T17:28:49.473

Link: CVE-2026-23954

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T15:30:03Z

Weaknesses