theinfosecnews

CVE-2026-34177

Published April 9, 2026 · Updated April 9, 2026

CVSS 9.1 (critical)

What This Means

CVE-2026-34177 is a critical vulnerability in Canonical LXD versions 4.12 through 6.7 caused by an incomplete denylist: two instance configuration keys are not blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote attacker who holds can_edit permission on a virtual machine (VM) in a restricted project can therefore inject an AppArmor rule and modify the QEMU character device configuration, escalate to LXD cluster administrator, and ultimately gain root access on the host. To mitigate this risk, organizations should upgrade to a patched version of LXD that addresses this vulnerability.

Official Description

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote attacker with can_edit permission on a VM instance in a restricted project can inject an AppArmor rule and a QEMU chardev configuration that bridges the LXD Unix socket into the guest VM, enabling privilege escalation to LXD cluster administrator and subsequently to host root.

Recommended Actions

  1. Check whether your systems run an affected version of Canonical LXD (4.12 through 6.7).
  2. Apply vendor patches immediately if available.
  3. Monitor vendor advisories for updates and additional mitigations.
  4. Review logs for indicators of compromise related to CVE-2026-34177.
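The official description names the two keys (raw.apparmor and raw.qemu.conf) that the vulnerable denylist omitted, and step 4 above asks for a review of affected systems. The following Go program is an added example, not code from this site or from the LXD project: it audits instance records for VMs that sit in a project with restricted.virtual-machines.lowlevel=block yet still carry a low-level key. The instance JSON is constructed in the shape that `lxc list --format json` emits (assumed field names: name, type, project, config), and the denylist in `lowLevelVMKeys` is illustrative rather than LXD's actual list; it exists only to show the two omitted keys being caught. Upgrading LXD remains the fix; this check only surfaces instances to review on hosts that have not yet been patched.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// Instance holds the fields of an LXD instance record that the audit needs.
// The JSON tags follow the assumed shape of `lxc list --format json` output.
type Instance struct {
	Name    string            `json:"name"`
	Type    string            `json:"type"`
	Project string            `json:"project"`
	Config  map[string]string `json:"config"`
}

// Finding records one low-level key set on a VM in a project that should block it.
type Finding struct {
	Project, Instance, Key string
}

// lowLevelVMKeys is an illustrative denylist (an assumption, not LXD's own list).
// It deliberately includes raw.apparmor and raw.qemu.conf, the keys the advisory
// says the vulnerable isVMLowLevelOptionForbidden omitted.
var lowLevelVMKeys = []string{"raw.apparmor", "raw.qemu", "raw.qemu.conf"}

// IsVMLowLevelKey reports whether an instance config key is one that the
// restricted.virtual-machines.lowlevel=block restriction should refuse.
// Prefix matching also covers dotted sub-keys below a listed key.
func IsVMLowLevelKey(key string) bool {
	for _, k := range lowLevelVMKeys {
		if key == k || strings.HasPrefix(key, k+".") {
			return true
		}
	}
	return false
}

// AuditLowLevelKeys flags every virtual-machine instance whose project sets
// restricted.virtual-machines.lowlevel=block but whose own config still carries
// a low-level key. projects maps project name to that project's config.
func AuditLowLevelKeys(projects map[string]map[string]string, instances []Instance) []Finding {
	var out []Finding
	for _, inst := range instances {
		if inst.Type != "virtual-machine" {
			continue // containers are governed by other restrictions
		}
		if projects[inst.Project]["restricted.virtual-machines.lowlevel"] != "block" {
			continue // project does not claim to block low-level VM options
		}
		for key := range inst.Config {
			if IsVMLowLevelKey(key) {
				out = append(out, Finding{inst.Project, inst.Name, key})
			}
		}
	}
	// Deterministic order for reporting and testing.
	sort.Slice(out, func(i, j int) bool {
		return out[i].Project+out[i].Instance+out[i].Key < out[j].Project+out[j].Instance+out[j].Key
	})
	return out
}

// LoadInstances parses a JSON array of instance records.
func LoadInstances(raw string) ([]Instance, error) {
	var insts []Instance
	if err := json.Unmarshal([]byte(raw), &insts); err != nil {
		return nil, err
	}
	return insts, nil
}

// SampleInstances is constructed sample data; key values are placeholders.
const SampleInstances = `[
  {"name":"vm-tenant-a","type":"virtual-machine","project":"tenant-a",
   "config":{"raw.apparmor":"# constructed placeholder","limits.cpu":"2"}},
  {"name":"vm-tenant-b","type":"virtual-machine","project":"tenant-b",
   "config":{"raw.qemu.conf":"# constructed placeholder","limits.memory":"1GiB"}},
  {"name":"vm-dev","type":"virtual-machine","project":"dev",
   "config":{"raw.qemu.conf":"# constructed placeholder"}},
  {"name":"ctr-tenant-a","type":"container","project":"tenant-a",
   "config":{"raw.apparmor":"# constructed placeholder"}}
]`

// SampleProjects is constructed project config: two restricted projects and
// one unrestricted development project.
var SampleProjects = map[string]map[string]string{
	"tenant-a": {"restricted": "true", "restricted.virtual-machines.lowlevel": "block"},
	"tenant-b": {"restricted": "true", "restricted.virtual-machines.lowlevel": "block"},
	"dev":      {},
}

func main() {
	insts, err := LoadInstances(SampleInstances)
	if err != nil {
		panic(err)
	}
	for _, f := range AuditLowLevelKeys(SampleProjects, insts) {
		fmt.Printf("project=%s instance=%s key=%s is set on a VM despite lowlevel=block\n",
			f.Project, f.Instance, f.Key)
	}
}
```

On a real host, the same audit runs over `lxc list --all-projects --format json` (instances) and `lxc project show <name>` (project config) instead of the constructed samples; the VM in the unrestricted `dev` project and the container are intentionally not reported, because only VMs in projects that promise to block low-level options are affected by the incomplete denylist.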
