CVE-2026-28385
Status: Received
SSRF in Canonical LXD Image Import Functionality

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: Canonical Ltd.

Description
In Canonical LXD versions 4.12 through 6.9, a Server-Side Request Forgery (SSRF) vulnerability in the image import functionality allows authenticated users with the can_create_images entitlement to interact with internal network infrastructure via the /images endpoint. When importing an image from a URL source, the LXD daemon fails to validate or restrict outbound destination IP addresses, allowing connections to loopback, RFC1918 private ranges, and cloud metadata endpoints. This enables error-based port scanning and unauthorized interaction with internal HTTP services from the daemon's network position.
Affected Vendors & Products (2 associated CPEs)

Vendor     Product  Version / Range
canonical  lxd      From 4.12 (inc) to 6.9 (inc)
canonical  lxd      4.0.0
CWE

CWE-918 (Server-Side Request Forgery): The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Executive Summary

CVE-2026-28385 is a Server-Side Request Forgery (SSRF) vulnerability in Canonical LXD versions 4.12 through 6.9. It affects the image import functionality, allowing authenticated users with the can_create_images entitlement to make the LXD daemon send HTTP requests to internal network addresses.

Specifically, when importing an image from a URL source, the LXD daemon does not validate or restrict the destination IP address of the outbound request. It will connect to loopback addresses (such as 127.0.0.1), RFC1918 private ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16), and cloud metadata endpoints (such as 169.254.169.254).

Because the error returned by the import operation reflects how the destination behaved (connection refused, timeout, or an HTTP reply), an attacker can use it for error-based port scanning and to interact with internal HTTP services from the daemon's network position, learning about internal infrastructure that is not reachable from the attacker's own vantage point.

Impact Analysis

This vulnerability allows an authenticated user with limited privileges (can_create_images entitlement) to probe and interact with internal network services that are normally inaccessible from outside.

An attacker can use error-based port scanning to discover open, closed or filtered ports on internal hosts, and can reach cloud metadata services (e.g. 169.254.169.254), which commonly hold instance credentials and configuration.

Such unauthorized internal network interactions can disclose information and facilitate further attacks within the internal network. The advisory describes error-based probing and interaction with internal HTTP services, not full read-back of response bodies, so treat this primarily as a reconnaissance and internal-reach primitive unless further analysis shows otherwise.

The attack requires no user interaction and needs only an authenticated account holding the can_create_images entitlement, a right granted to ordinary image-management users rather than only to administrators, which widens the pool of accounts able to exploit it.

Detection Guidance

Exploitation looks like the LXD daemon opening outbound HTTP connections to addresses it should never need: loopback (127.0.0.0/8), RFC1918 ranges, and cloud metadata endpoints (e.g. 169.254.169.254). Because the /images endpoint issues HEAD or GET requests against the supplied URL, a burst of short-lived connections from the daemon to many internal host:port pairs, most ending in connection errors, is the signature of error-based port scanning.

You can check for such activity by inspecting network traffic, socket tables and logs on the host running LXD. A packet capture cannot tell you which process sent a packet, so pair tcpdump with ss (which shows the owning process) or with LXD's own request log.

  • tcpdump -i <interface> 'tcp[tcpflags] & (tcp-syn|tcp-ack) == tcp-syn and (dst net 127.0.0.0/8 or dst net 10.0.0.0/8 or dst net 172.16.0.0/12 or dst net 192.168.0.0/16 or dst host 169.254.169.254)'  # outbound SYNs only (not SYN-ACKs); use -i lo to see loopback probes
  • ss -tnp | grep '"lxd"'  # TCP sockets owned by the lxd process; needs root to show process names
  • Review LXD daemon logs (for example lxc monitor --type=logging --pretty) for image creation requests on /1.0/images whose source URL points at loopback, private or link-local addresses, and for runs of such requests failing with connection errors.
Mitigation Strategies

Immediate mitigation steps include upgrading LXD to version 6.10 or later, where the vulnerability has been fixed by adding private-IP blocking and URL validation in the image import functionality.

Additionally, restrict where the LXD daemon can connect, so that an authenticated user with the can_create_images entitlement cannot use it to probe the network even before the upgrade is done.

  • Block the daemon's outbound HTTP/HTTPS connections to loopback, RFC1918 ranges and cloud metadata endpoints with host firewall rules or network policy. The daemon runs as root on the host, so the rules must be scoped to its traffic (for example by running it behind an egress proxy or in a dedicated network namespace) rather than cutting the whole host off from addresses it legitimately needs.
  • Route the daemon's outbound requests through an HTTP/HTTPS proxy that filters destinations; LXD's core.proxy_http and core.proxy_https server configuration keys set the proxy the daemon uses for outbound HTTP.
  • Review and limit user entitlements, especially can_create_images, to trusted users only, and audit periodically who holds it.

Refer to the updated security hardening guide for LXD for detailed instructions on limiting network exposure and restricting outbound requests.
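The following Go program is an added example, not LXD's own code and not the patch shipped in 6.10, whose implementation is not shown on this page. It illustrates the two sides of the guidance above: the kind of destination validation the fix is described as adding (an http/https scheme check plus a blocklist of loopback, RFC1918, link-local and IPv6-equivalent ranges, enforced inside the dialer so that a hostname which resolves or rebinds to an internal address is refused at connect time), and a detector that flags lxd-owned sockets to those ranges in `ss -tnp` output. The function names, the prefix list and the sample `ss` line in the test are assumptions for illustration.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
	"net/netip"
	"net/url"
	"strings"
	"syscall"
	"time"
)

// Destinations an image import must never reach (169.254.0.0/16 covers the metadata endpoint).
var blockedPrefixes = []netip.Prefix{
	netip.MustParsePrefix("0.0.0.0/8"),
	netip.MustParsePrefix("10.0.0.0/8"),
	netip.MustParsePrefix("127.0.0.0/8"),
	netip.MustParsePrefix("169.254.0.0/16"),
	netip.MustParsePrefix("172.16.0.0/12"),
	netip.MustParsePrefix("192.168.0.0/16"),
	netip.MustParsePrefix("::/128"),
	netip.MustParsePrefix("::1/128"),
	netip.MustParsePrefix("fc00::/7"),
	netip.MustParsePrefix("fe80::/10"),
}

// isBlockedIP unmaps IPv4-mapped IPv6 (::ffff:10.0.0.1) so the IPv4 list applies.
func isBlockedIP(ip netip.Addr) bool {
	ip = ip.Unmap()
	for _, p := range blockedPrefixes {
		if p.Contains(ip) {
			return true
		}
	}
	return false
}

// validateImportURL rejects non-HTTP schemes and literal internal IPs up front. Hostnames are
// not resolved here: a DNS answer checked now can rebind before connect, so guardControl does that.
func validateImportURL(raw string) (*url.URL, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return nil, fmt.Errorf("unsupported scheme %q", u.Scheme)
	}
	if ip, err := netip.ParseAddr(u.Hostname()); err == nil && isBlockedIP(ip) {
		return nil, fmt.Errorf("refusing non-public address %s", ip)
	}
	return u, nil
}

// guardControl is net.Dialer's Control hook: it receives the final resolved "ip:port" right
// before connect(), so resolved or rebound internal addresses (and redirect targets) are refused.
func guardControl(_ string, address string, _ syscall.RawConn) error {
	ap, err := netip.ParseAddrPort(address)
	if err != nil {
		return err
	}
	if isBlockedIP(ap.Addr()) {
		return fmt.Errorf("refusing non-public address %s", ap.Addr())
	}
	return nil
}

func newGuardedClient() *http.Client {
	d := &net.Dialer{Timeout: 10 * time.Second, Control: guardControl}
	return &http.Client{Transport: &http.Transport{DialContext: d.DialContext}, Timeout: 30 * time.Second}
}

// flagLXDInternalConns scans `ss -tnp` output for sockets owned by the lxd process whose
// peer address is in a blocked range; the process column is only present when ss runs as root.
func flagLXDInternalConns(ssOutput string) []string {
	var hits []string
	for _, line := range strings.Split(ssOutput, "\n") {
		f := strings.Fields(line)
		if len(f) < 6 || !strings.Contains(f[5], `"lxd"`) {
			continue
		}
		if ap, err := netip.ParseAddrPort(f[4]); err == nil && isBlockedIP(ap.Addr()) {
			hits = append(hits, f[4])
		}
	}
	return hits
}

func main() {
	for _, raw := range []string{"https://images.example.com/lxd.tar.xz", "http://169.254.169.254/latest/meta-data/", "file:///etc/passwd"} {
		_, err := validateImportURL(raw)
		fmt.Printf("%-45s -> %v\n", raw, err)
	}
	// A loopback listener stands in for an internal service; the guarded client must fail at dial time.
	srv := httptest.NewServer(http.NotFoundHandler())
	defer srv.Close()
	_, err := newGuardedClient().Head(srv.URL)
	fmt.Println("HEAD", srv.URL, "->", err)
}
```

The dial-time check is the part that matters: validating the URL string alone is bypassed by a hostname that resolves to 127.0.0.1 or 169.254.169.254, or by a redirect. For detection, feed the output of `sudo ss -tnp` to flagLXDInternalConns; any hit is a daemon-owned connection to an address an image import should never touch.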

Compliance Impact

The vulnerability allows authenticated users to interact with internal network infrastructure and cloud metadata endpoints through SSRF, potentially exposing internal services and sensitive information.

Such unauthorized internal network access and potential data exposure could lead to non-compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and internal systems from unauthorized access.

The advisory itself does not assess the impact on any specific regulation; the exposure described above is the basis on which such an assessment would be made.
