LXD Authenticated Remote Code Execution fixes available

March 12th, 2026

A critical vulnerability was discovered in LXD where an unprivileged user with valid LXD credentials could set the compression algorithm to an arbitrary command, potentially achieving remote code execution as the LXD daemon. This issue has been identified as CVE-2026-28384.

This bug has existed since version 2.12, but it is only considered a security issue in versions 4.12 and higher. Prior to version 4.12, any user with LXD access already had full control over the LXD daemon. With the introduction of the restricted project feature, an unprivileged user could abuse this issue to elevate their privileges.

How the exploit works

The backups and image API endpoints accept a compression algorithm setting that selects how an image or backup is compressed on export. The parser took the user-supplied string without proper validation, split it into arguments, and treated the first one as the program to run. Crucially, the backend code then inserted “-c” immediately after that first argument before executing it.

An attacker could exploit this by setting the compression algorithm to a payload like bash "sleep 1". This input would then be processed on the backend as bash -c "sleep 1", successfully achieving command execution as the LXD daemon on the server. This issue would allow for unauthorized execution of commands on the host system as the LXD daemon.
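The Go snippet below is an added illustration, not LXD's own code: unsafeCompressArgs models the flawed pattern described above (split the setting on whitespace, take the first token as the program, insert “-c” after it), and safeCompressArgs shows the kind of allowlist validation that closes the hole. The allowlist and the accepted option pattern are constructed assumptions, not LXD's actual list.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Constructed allowlist of compressor programs an export may run;
// LXD's real set of supported algorithms may differ.
var knownCompressors = map[string]bool{"gzip": true, "bzip2": true, "xz": true, "zstd": true, "none": true}

// Options tolerated after the program name: a level (-1..-9) or a thread count (-T<n>).
var safeOpt = regexp.MustCompile(`^-(?:[1-9]|T[0-9]{1,3})$`)

// unsafeCompressArgs models the flawed pattern: token 0 of the user string becomes
// the program and "-c" is inserted after it, so "<shell> ..." runs arbitrary commands.
func unsafeCompressArgs(compress string) []string {
	fields := strings.Fields(compress)
	if len(fields) == 0 {
		return nil
	}
	return append([]string{fields[0], "-c"}, fields[1:]...)
}

// safeCompressArgs accepts only an allowlisted compressor followed by recognised
// option tokens; "none" means the caller streams the tarball uncompressed.
func safeCompressArgs(compress string) ([]string, error) {
	fields := strings.Fields(compress)
	if len(fields) == 0 {
		return nil, fmt.Errorf("empty compression setting")
	}
	prog := fields[0]
	if !knownCompressors[prog] {
		return nil, fmt.Errorf("unsupported compression algorithm %q", prog)
	}
	if prog == "none" {
		return nil, nil
	}
	argv := []string{prog, "-c"}
	for _, opt := range fields[1:] {
		if !safeOpt.MatchString(opt) {
			return nil, fmt.Errorf("rejected option %q for %s", opt, prog)
		}
		argv = append(argv, opt)
	}
	return argv, nil
}

func main() {
	fmt.Println(safeCompressArgs("xz -9 -T4")) // [xz -c -9 -T4] <nil>
}
```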

Affected releases

Snapstore releases

Channel, snap name: fixed version; fixed revisions

4.0/stable, lxd: not affected, since the restricted project feature is not present in this channel.
5.0/stable, lxd: 5.0.6-e49d9f4 (2026-03-11); revisions 38331 (amd64), 38342 (arm64), 38329 (armhf), 38339 (ppc64el), 38382 (riscv64), 38467 (s390x)
5.21/stable, lxd: 5.21.4-1374f39 (2026-03-11); revisions 38368 (amd64), 38373 (arm64), 38370 (armhf), 38369 (ppc64el), 38379 (riscv64), 38367 (s390x)
6/stable, lxd: 6.7; revisions 38412 (amd64), 38415 (arm64), 38411 (armhf), 38414 (ppc64el), 38427 (riscv64), 38412 (s390x)

Ubuntu archive releases

The Ubuntu archive versions distributed in Xenial, Bionic, and Focal are not affected since the restricted project feature is not present there, and therefore, all users were considered admins.

How to check if you are impacted

On your system, run the following command and compare the listed channel and revision to the table above.

snap list | grep lxd

How to address

We recommend you upgrade your snap:

sudo snap refresh lxd

Acknowledgements

We would like to thank bugbunny.ai for their reporting.

References