Description
A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration. An authenticated project operator in a restricted multi-tenant environment can bypass policy restrictions by importing a maliciously crafted instance backup containing restricted configuration keys within a snapshot. When the snapshot is restored, these restricted keys are applied to the live instance without policy validation. Starting the modified instance grants the operator unauthorized host root access.
Published: 2026-06-26
Score: 7.2 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from improper handling of project-restriction policies during snapshot restoration in LXD. An authenticated operator can import a backup containing restricted configuration keys. When the snapshot is restored, these keys are applied without policy validation, and starting the instance grants host root privileges, making this a clear privilege escalation flaw (CWE-863). The flaw allows unauthorized escalation to the host level within a multi-tenant environment.

Affected Systems

The affected product is Canonical LXD. Versions prior to 6.9, 5.21.5, and 5.0.7 are impacted. Specifically, LXD 6.0 through 6.8, 5.21.0 through 5.21.4, and 5.0.0 through 5.0.6 are vulnerable.

Risk and Exploitability

The vulnerability has a CVSS score of 7.2; no EPSS score is available, and it is not listed in the KEV catalog. The attacker must be an authenticated project operator in a multi-tenant setup, and exploitation requires crafting a backup with a malicious snapshot and importing it. Once the modified instance starts, host root access is achieved. The absence of an EPSS score and KEV listing suggests that widespread exploitation is not yet documented, but the high impact warrants prompt remediation.

Generated by OpenCVE AI on June 26, 2026 at 17:30 UTC.

Remediation

Vendor Solution

Upgrade to LXD version 6.9 or later, 5.21.5 or later, or 5.0.7 or later.
OpenCVE Recommended Actions

  • Upgrade LXD to version 6.9 or later, 5.21.5 or later, or 5.0.7 or later.
  • If an upgrade is not immediately possible, restrict project operators from importing backups or enforce strict policy checks during restore so that restricted configuration keys carried in a snapshot are not applied to the live instance.
  • Consider isolating the LXD service and limiting operator roles to essential tasks until the patch is applied.

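The policy check the recommendation above calls for, as an added example that models the mechanism in the description rather than LXD's own code. It assumes a simplified backup layout; the project keys (restricted, restricted.containers.privilege, restricted.containers.lowlevel), the instance keys (security.privileged, raw.lxc) and their defaults are real LXD config names used here only as illustrations.

```python
"""Policy check on an instance backup before its snapshots are restored.

Added example modelling the CVE-2026-9640 mechanism, not LXD's own code. The
project keys (restricted, restricted.containers.privilege,
restricted.containers.lowlevel) and instance keys (security.privileged, raw.lxc)
are real LXD config names used only as illustrations; the backup layout is a
simplified stand-in for LXD's backup index.
"""
from typing import Dict, List


def restricted_keys(project: Dict[str, str]) -> Dict[str, str]:
    """Map the instance config keys a restricted project must reject to a reason."""
    denied: Dict[str, str] = {}
    if project.get("restricted", "false") != "true":
        return denied  # unrestricted project: nothing to enforce
    if project.get("restricted.containers.privilege", "unprivileged") != "allow":
        denied["security.privileged"] = "project forbids privileged containers"
    if project.get("restricted.containers.lowlevel", "block") == "block":
        denied["raw.lxc"] = "project blocks low-level container settings"
    return denied


def check_backup(backup: Dict, project: Dict[str, str]) -> List[str]:
    """Return one violation per restricted key found anywhere in the backup.

    The vulnerable behaviour validates only the top-level instance config, so a
    snapshot restore copies its config onto the live instance unchecked; the fix
    runs the same validation over every snapshot's config as well.
    """
    denied = restricted_keys(project)
    sections = [("instance", backup.get("config", {}))]
    for snap in backup.get("snapshots", []):
        sections.append((f"snapshot {snap['name']}", snap.get("config", {})))
    violations = []
    for where, cfg in sections:
        for key, value in cfg.items():
            if key in denied and value not in ("", "false"):
                violations.append(f"{where}: {key}={value!r} rejected ({denied[key]})")
    return violations


# Constructed backup: clean instance config, restricted keys hidden in a snapshot.
CRAFTED_BACKUP = {
    "name": "web01", "config": {"limits.cpu": "2"},
    "snapshots": [{"name": "snap0", "config": {"limits.cpu": "2",
                   "security.privileged": "true", "raw.lxc": "<placeholder>"}}],
}
RESTRICTED_PROJECT = {"restricted": "true"}  # assumed defaults deny privilege and lowlevel
print("\n".join(check_backup(CRAFTED_BACKUP, RESTRICTED_PROJECT)))
```

Running the check over the instance config alone reports nothing; including the snapshots surfaces both keys before the import is accepted.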


Advisories

No advisories yet.

History

Fri, 26 Jun 2026 23:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Canonical, Canonical lxd
Vendors & Products | | Canonical, Canonical lxd

Fri, 26 Jun 2026 17:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 26 Jun 2026 16:00:00 +0000

Type | Values Removed | Values Added
Description | | A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration. An authenticated project operator in a restricted multi-tenant environment can bypass policy restrictions by importing a maliciously crafted instance backup containing restricted configuration keys within a snapshot. When the snapshot is restored, these restricted keys are applied to the live instance without policy validation. Starting the modified instance grants the operator unauthorized host root access.
Title | | LXD Snapshot Import Privilege Escalation Vulnerability
Weaknesses | | CWE-863
References | |
Metrics | | cvssV3_1: {'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2026-06-26T16:00:24.172Z

Reserved: 2026-05-26T18:31:24.593Z

Link: CVE-2026-9640

Vulnrichment

Updated: 2026-06-26T16:00:17.949Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-26T23:30:05Z

Weaknesses