CVE Catalog

CVE-2026-9639

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.38%

30th percentile — higher than 30% of all known CVEs

Summary

A nil-pointer dereference vulnerability exists in LXD up to versions 6.8 and 5.21 on Linux in the CreateCustomVolumeFromBackup function. An authenticated user with can_create_storage_volumes permissions can cause a denial of service (DoS) by submitting a specially crafted custom-volume backup tarball that omits the expires_at snapshot field.

Risk Assessment

An attacker can exploit this vulnerability to crash the LXD service, disrupting container operations and management. The risk is limited to authenticated users with specific permissions.

Recommendation

Immediately upgrade LXD to version 6.9 or later (and 5.21/stable with the appropriate patch). As a temporary mitigation, restrict can_create_storage_volumes permissions to trusted users only.

Original NVD description (English source)

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with can_create_storage_volumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expires_at snapshot field.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS