{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33711", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-23T17:06:05.747Z", "datePublished": "2026-03-26T22:37:29.746Z", "dateUpdated": "2026-03-27T20:00:18.358Z"}, "containers": {"cna": {"title": "Incus vulnerable to local privilege escalation through VM screenshot path", "problemTypes": [{"descriptions": [{"cweId": "CWE-61", "lang": "en", "description": "CWE-61: UNIX Symbolic Link (Symlink) Following", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P", "version": "4.0"}}], "references": [{"name": "https://github.com/lxc/incus/security/advisories/GHSA-q9vp-3wcg-8p4x", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/lxc/incus/security/advisories/GHSA-q9vp-3wcg-8p4x"}], "affected": [{"vendor": "lxc", "product": "incus", "versions": [{"version": "< 6.23.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T22:37:29.746Z"}, "descriptions": [{"lang": "en", "value": "Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable paths under /tmp for this, an attacker with local access to the system can abuse this mechanism by creating their own symlinks ahead of time. On the vast majority of Linux systems, this will result in a \"Permission denied\" error when requesting a screenshot. That's because the Linux kernel has a security feature designed to block such attacks, `protected_symlinks`. On the rare systems with this purposefully disabled, it's then possible to trick Incus intro truncating and altering the mode and permissions of arbitrary files on the filesystem, leading to a potential denial of service or possible local privilege escalation. Version 6.23.0 fixes the issue."}], "source": {"advisory": "GHSA-q9vp-3wcg-8p4x", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/lxc/incus/security/advisories/GHSA-q9vp-3wcg-8p4x", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T14:10:12.851754Z", "id": "CVE-2026-33711", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T20:00:18.358Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Incus vulnerable to local privilege escalation through VM screenshot path", "source": {"advisory": "GHSA-q9vp-3wcg-8p4x", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "lxc", "product": "incus", "versions": [{"status": "affected", "version": "< 6.23.0"}]}], "references": [{"url": "https://github.com/lxc/incus/security/advisories/GHSA-q9vp-3wcg-8p4x", "name": "https://github.com/lxc/incus/security/advisories/GHSA-q9vp-3wcg-8p4x", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable paths under /tmp for this, an attacker with local access to the system can abuse this mechanism by creating their own symlinks ahead of time. On the vast majority of Linux systems, this will result in a \"Permission denied\" error when requesting a screenshot. That's because the Linux kernel has a security feature designed to block such attacks, `protected_symlinks`. On the rare systems with this purposefully disabled, it's then possible to trick Incus intro truncating and altering the mode and permissions of arbitrary files on the filesystem, leading to a potential denial of service or possible local privilege escalation. Version 6.23.0 fixes the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-61", "description": "CWE-61: UNIX Symbolic Link (Symlink) Following"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T22:37:29.746Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33711", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-27T14:10:12.851754Z"}}}], "references": [{"url": "https://github.com/lxc/incus/security/advisories/GHSA-q9vp-3wcg-8p4x", "tags": ["exploit"]}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-27T14:10:23.208Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-33711", "state": "PUBLISHED", "dateUpdated": "2026-03-26T22:37:29.746Z", "dateReserved": "2026-03-23T17:06:05.747Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-26T22:37:29.746Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable paths under /tmp for this, an attacker with local access to the system can abuse this mechanism by creating their own symlinks ahead of time. On the vast majority of Linux systems, this will result in a \"Permission denied\" error when requesting a screenshot. That's because the Linux kernel has a security feature designed to block such attacks, `protected_symlinks`. On the rare systems with this purposefully disabled, it's then possible to trick Incus intro truncating and altering the mode and permissions of arbitrary files on the filesystem, leading to a potential denial of service or possible local privilege escalation. Version 6.23.0 fixes the issue."}, {"lang": "es", "value": "Incus es un gestor de contenedores de sistema y m\u00e1quinas virtuales. Incus proporciona una API para recuperar capturas de pantalla de la m\u00e1quina virtual. Esa API se basa en el uso de un archivo temporal para que QEMU escriba la captura de pantalla, la cual luego se recoge y se env\u00eda al usuario antes de su eliminaci\u00f3n. Dado que las versiones anteriores a la 6.23.0 utilizan rutas predecibles bajo /tmp para esto, un atacante con acceso local al sistema puede abusar de este mecanismo creando sus propios enlaces simb\u00f3licos con antelaci\u00f3n. En la gran mayor\u00eda de los sistemas Linux, esto resultar\u00e1 en un error de 'Permiso denegado' al solicitar una captura de pantalla. Esto se debe a que el kernel de Linux tiene una caracter\u00edstica de seguridad dise\u00f1ada para bloquear tales ataques, protected_symlinks. En los sistemas raros con esto deshabilitado a prop\u00f3sito, es entonces posible enga\u00f1ar a Incus para que trunque y altere el modo y los permisos de archivos arbitrarios en el sistema de archivos, lo que lleva a una potencial denegaci\u00f3n de servicio o posible escalada de privilegios local. La versi\u00f3n 6.23.0 corrige el problema."}], "id": "CVE-2026-33711", "lastModified": "2026-03-27T20:16:33.060", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-03-26T23:16:20.423", "references": [{"source": "[email protected]", "url": "https://github.com/lxc/incus/security/advisories/GHSA-q9vp-3wcg-8p4x"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/lxc/incus/security/advisories/GHSA-q9vp-3wcg-8p4x"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-61"}], "source": "[email protected]", "type": "Secondary"}]}

{"bugzilla": {"description": "incus: Incus: Local privilege escalation or denial of service via predictable temporary file paths", "id": "2452021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452021"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-59", "details": ["A flaw was found in Incus, a system container and virtual machine manager. A local attacker could exploit a vulnerability in the API responsible for retrieving VM screenshots. By creating symbolic links (symlinks) in predictable temporary file paths, an attacker could trick Incus into truncating and altering arbitrary files on the filesystem. This could lead to a denial of service or, in specific configurations where the `protected_symlinks` kernel security feature is disabled, a local privilege escalation."], "name": "CVE-2026-33711", "public_date": "2026-03-26T22:37:29Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-33711\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-33711\nhttps://github.com/lxc/incus/security/advisories/GHSA-q9vp-3wcg-8p4x"], "statement": "This Important flaw in Incus allows a local attacker to achieve denial of service or, under specific conditions, local privilege escalation. The vulnerability arises from predictable temporary file paths used during VM screenshot retrieval, enabling symlink attacks. On Red Hat Enterprise Linux, the `protected_symlinks` kernel security feature is enabled by default, which prevents the privilege escalation vector of this flaw.", "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.23.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "incus", "source": "cna", "vendor": "lxc"}, "product": "incus", "vendor": "lxc"}], "analysis": {"en": {"generated_at": "2026-03-27T13:24:13.897774+00:00", "value": {"mitigation_remediation": ["Upgrade to Incus 6.23.0 or later.", "If upgrading is not immediately possible, enable the kernel\u2019s `protected_symlinks` feature to prevent symlink traversal in /tmp.", "Limit local user permissions to prevent arbitrary /tmp file creation, and consider disabling or restricting the screenshot API."], "summary": {"action": "Immediate Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Incus container and virtual\u2011machine manager from the LXC project. Any installed release prior to 6.23.0 is susceptible. Version 6.23.0 and later contain the fix.", "description_and_impact": "Incus uses temporary files in /tmp for VM screenshot generation. The API writes the output to a predictable path that the attacker can pre\u2011create as a symbolic link to any target file on the host. If the system\u2019s `protected_symlinks` protection is disabled, Incus follows that link, truncates the target file and changes its permissions, which can break the system or give the attacker elevated privileges. This flaw is a classic path\u2011traversal/File\u2011Redirection issue (CWE\u201159, CWE\u201161). The consequence is a denial of service or, in specially configured environments, local privilege escalation.", "risk_and_exploitability": "The CVSS score is 4.7, indicating moderate severity. No EPSS data is available, and the flaw is not listed in CISA\u2019s KEV catalog, suggesting limited or no widespread exploitation yet. Exploitability requires local access to create a symlink in /tmp on a system where the kernel\u2019s protected_symlinks feature is disabled. Attackers can then leverage the truncated file change to influence application state or elevate privileges. Because only a subset of Linux distributions have the protective flag disabled, the practical risk is bounded but not negligible."}}}}, "created": "2026-03-27T08:31:30.209847+00:00", "updated": "2026-03-27T15:47:22.622122+00:00", "vendors": ["lxc", "lxc$PRODUCT$incus"]}