Incus Container Escape: The Classic Newline Injection Returns
Vulnerability ID: CVE-2026-23953
CVSS Score: 8.7
Published: 2026-01-22
A high-severity configuration injection vulnerability in Incus allows authenticated users to escape containers and execute arbitrary commands on the host system with root privileges by injecting newline characters into environment variables.
TL;DR
Incus failed to sanitize newlines in container environment variables. By injecting a CRLF sequence via a crafted YAML configuration, an attacker can append malicious LXC hooks (like lxc.hook.pre-start) to the underlying configuration file. This results in immediate Host RCE as root when the container starts.
⚠️ Exploit Status: POC
Technical Details
- CWE: CWE-93 (Improper Neutralization of CRLF Sequences)
- CVSS: 8.7 (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N)
- Attack Vector: Adjacent Network (requires Incus socket access)
- Privileges Required: Low (Authenticated Incus User)
- Impact: Host Remote Code Execution (RCE)
- Exploit Status: PoC Available
Affected Systems
- Incus: <= 6.0.5 (Fixed in: 6.0.6)
- Incus: >= 6.1.0, <= 6.20.0 (Fixed in: 6.21.0)
Code Analysis
Commit: unknown
Validation logic to reject newlines in environment variables
--- a/internal/server/instance/drivers/driver_lxc.go
+++ b/internal/server/instance/drivers/driver_lxc.go
@@ -1078,6 +1078,9 @@ func (d *lxc) initLXC(config bool) (*liblxc.Container, error) {
// shortdesc: Environment variables to export
after, ok := strings.CutPrefix(k, "environment.")
if ok {
+ if strings.Contains(after, "\n") || strings.Contains(v, "\n") {
+ return nil, errors.New(fmt.Sprintf("Environment cannot contain newline characters"))
+ }
err = lxcSetConfigItem(cc, "lxc.environment", fmt.Sprintf("%s=%s", after, v))
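Review bot: on the added return line, errors.New(fmt.Sprintf("Environment cannot contain newline characters")) formats a constant string with no arguments, so the fmt.Sprintf wrapper does nothing; errors.New("...") alone is enough, or use fmt.Errorf and include the key (after) so the operator can tell which environment entry was rejected. The condition also tests only for "\n" in after and v before both are written into the "%s=%s" item passed to lxcSetConfigItem; either reject "\r" as well or add a comment saying why "\n" is sufficient, and add a test that covers a newline in the key and in the value.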
Exploit Details
- GitHub Security Advisory: Original PoC demonstrating lxc.hook.pre-start injection
Mitigation Strategies
- Update Incus to version 6.0.6 (LTS) or 6.21.0 immediately.
- Restrict membership of the 'incus' and 'incus-admin' groups to trusted administrators only.
- Implement admission controllers or policy agents to validate container configurations before they are applied.
Remediation Steps:
- Check your current version: incus --version
- If vulnerable, apply system updates via your package manager (e.g., apt update && apt upgrade incus).
- Restart the Incus daemon to ensure the new binary is loaded.
- Audit existing containers for suspicious multi-line environment variables using incus config show <instance> --expanded.
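One way to automate the audit step above, and the pre-apply validation suggested under Mitigation Strategies, shown as an added example that is not Incus code or part of the original advisory. `AuditEnvironment`, `Finding` and the sample map are hypothetical names and constructed data; it assumes the caller has already parsed the key/value pairs under `config:` in the expanded instance config.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Finding is one environment.* entry that contains a line break.
type Finding struct {
	Key, Where string // full config key; "name" or "value"
	Extras     int    // extra lines the entry adds to a line-based config file
}

// countBreaks counts line breaks, treating CRLF as a single break.
func countBreaks(s string) int {
	s = strings.ReplaceAll(s, "\r\n", "\n")
	return strings.Count(s, "\n") + strings.Count(s, "\r")
}

// AuditEnvironment reports each environment.* name or value that contains
// CR or LF. Other keys are ignored. Results are sorted for stable output.
func AuditEnvironment(config map[string]string) []Finding {
	var out []Finding
	for k, v := range config {
		if !strings.HasPrefix(k, "environment.") {
			continue
		}
		name := strings.TrimPrefix(k, "environment.")
		if strings.ContainsAny(name, "\r\n") {
			out = append(out, Finding{k, "name", countBreaks(name)})
		}
		if strings.ContainsAny(v, "\r\n") {
			out = append(out, Finding{k, "value", countBreaks(v)})
		}
	}
	sort.Slice(out, func(i, j int) bool {
		return out[i].Key+out[i].Where < out[j].Key+out[j].Where
	})
	return out
}

func main() {
	// Constructed sample, not taken from a real instance.
	sample := map[string]string{"environment.LANG": "C.UTF-8", "environment.DEBUG": "1\n<injected-line-placeholder>"}
	for _, f := range AuditEnvironment(sample) {
		fmt.Printf("%q: line break in %s (+%d config line(s))\n", f.Key, f.Where, f.Extras)
	}
}
```

Any finding on a host that ran a vulnerable version is worth investigating, since a legitimate environment variable rarely needs an embedded line break.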