The Incus client (github.com/lxc/incus/v7/cmd/incusd) handles image downloads from URLs by first sending a HEAD request to the user-supplied URL and reading the Incus-Image-Hash header. This header is trusted as the expected fingerprint and used as a filename (alias) to create a file in the images directory. However, the hash value is not sanitized and can contain path traversal sequences (e.g., ../../../../etc/cron.d/incus-direct-image-url-rce), allowing arbitrary file writes outside the intended directory. The file is created and populated with the HTTP response before the SHA-256 hash validation is performed, enabling an attacker to write arbitrary files such as cron jobs that lead to root command execution. Cleanup routines run only after the copy completes, and a slow or held response extends the window for exploitation. This vulnerability is tracked as CVE-2026-48769 and affects versions prior to 7.2.0.

An attacker controlling a malicious image server can exploit this vulnerability to write arbitrary files on the Incus client host with root privileges. This can lead to arbitrary command execution as root, compromising the entire system. The vulnerability allows path traversal in the filename used for storing downloaded images, enabling overwriting of critical system files such as cron jobs. This poses a critical security risk including full system compromise.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, avoid using untrusted image servers or URLs with the Incus client. Monitor vendor communications for updates on patches or official mitigations. Do not rely on the current hash validation as it occurs after the file write.