Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1822+ Articles
149+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. Security
  3. CVE-2026-34177: Canonical LXD Incomplete VM Restriction
CVE-2026-34177: Canonical LXD Incomplete VM Restriction

Critical Security Alert

This vulnerability is actively being exploited. Immediate action is recommended.

SECURITYCRITICALCVE-2026-34177

CVE-2026-34177: Canonical LXD Incomplete VM Restriction

A critical CVSS 9.1 flaw in Canonical LXD versions 4.12 through 6.7 omits raw.apparmor and raw.qemu.conf from the VM low-level option denylist, allowing...

Dylan H.

Security Team

April 10, 2026
3 min read

Affected Products

  • Canonical LXD 4.12 through 6.7

Overview

A critical vulnerability tracked as CVE-2026-34177 has been discovered in Canonical LXD, the open-source container and virtual machine manager. Affecting versions 4.12 through 6.7, the flaw stems from an incomplete denylist in the isVMLowLevelOptionForbidden function, which fails to block the raw.apparmor and raw.qemu.conf configuration keys under the restricted.virtual-machines.lowlevel=block project restriction. The vulnerability carries a CVSS score of 9.1 (Critical).

Vulnerability Details

FieldDetails
CVE IDCVE-2026-34177
CVSS Score9.1 (Critical)
Affected VersionsCanonical LXD 4.12 through 6.7
Fixed VersionCanonical LXD 6.8+
Affected Filelxd/project/limits/permissions.go — isVMLowLevelOptionForbidden
Attack VectorNetwork (Remote)
Attack ComplexityLow

Technical Analysis

LXD supports project-level restrictions that limit what configuration options users can apply to virtual machines. The restricted.virtual-machines.lowlevel=block restriction is intended to prevent users from setting low-level VM configuration options that could be used for privilege escalation or security bypass.

The function responsible for enforcing this restriction — isVMLowLevelOptionForbidden in lxd/project/limits/permissions.go — maintains a denylist of forbidden configuration keys. However, the denylist is incomplete: it omits two critical keys:

  • raw.apparmor — Allows arbitrary AppArmor profile rules to be injected into the VM's security profile
  • raw.qemu.conf — Allows raw QEMU configuration directives to be passed directly to the QEMU hypervisor

Impact of missing entries:

A remote attacker (or a malicious tenant in a multi-tenant LXD deployment) can set these configuration options on a virtual machine even when the restricted.virtual-machines.lowlevel=block restriction is active. This can be leveraged to:

  1. Bypass AppArmor confinement by overriding or weakening the VM's AppArmor profile via raw.apparmor
  2. Inject arbitrary QEMU configuration via raw.qemu.conf to modify VM hardware simulation, potentially enabling escape from the VM sandbox

In a cloud or shared hosting context where LXD projects are used to isolate tenants, this flaw could allow one tenant to escape their VM isolation and potentially gain access to the host or other tenants' environments.

Affected Deployment Context

This vulnerability is most severe in:

  • Multi-tenant LXD deployments (cloud providers, hosting platforms, managed services)
  • Development environments where project restrictions are used to limit developer access
  • CI/CD pipelines using LXD VMs for test isolation

Users running LXD as a single-user system with full administrative access are at lower risk but should still upgrade.

Remediation

Upgrade to Canonical LXD 6.8 or later, which corrects the isVMLowLevelOptionForbidden function to include raw.apparmor and raw.qemu.conf in the restricted key set.

Interim mitigations (if immediate upgrade is not possible):

  • Avoid relying on restricted.virtual-machines.lowlevel=block as a security boundary until patched
  • Restrict project-level API access to trusted users only; do not expose LXD API endpoints to untrusted network principals
  • Audit existing VMs for use of raw.apparmor or raw.qemu.conf configuration keys to identify potential exploitation
  • Monitor AppArmor logs for unexpected profile modifications or denials associated with LXD-managed VMs
# Check for existing VMs using the affected raw keys
lxc config show <vm-name> | grep -E 'raw\.apparmor|raw\.qemu\.conf'

Related Vulnerability

This CVE was disclosed alongside CVE-2026-34178, a separate LXD backup import path bypass also rated CVSS 9.1, which allows authenticated attackers to create instances bypassing project restriction checks. Both vulnerabilities were fixed in LXD 6.8.

References

  • NVD - CVE-2026-34177
  • Canonical LXD GitHub

Related Reading

  • CVE-2026-34178: Canonical LXD Backup Import Path
  • CVE-2015-20115: RealtyScript 4.0.2 Stored XSS via File
  • CVE-2020-37228: iDS6 DSSPro Digital Signage CAPTCHA
#CVE#LXD#Canonical#VM Escape#Container Security#Vulnerability

Related Articles

CVE-2026-34178: Canonical LXD Backup Import Path

A critical CVSS 9.1 vulnerability in Canonical LXD before 6.8 allows authenticated attackers to bypass project restrictions during backup import. The...

4 min read

CVE-2022-0492: Linux Kernel Improper Authentication Vulnerability

A Linux kernel vulnerability in the cgroups v1 release_agent feature allows local attackers to escalate privileges and escape containers. Added to CISA KEV…

3 min read

CVE-2026-35210: OpenCTI Authorization Bypass Allows Confidence Level and Object Marking Circumvention

An authentication bypass vulnerability in OpenCTI prior to 7.260326.0 allows any authenticated user with KNOWLEDGE_KNUPDATE permission to bypass Confidence Level validation and Object Marking restrictions, potentially escalating access to sensitive threat intelligence data.

3 min read
Back to all Security Alerts