QwikSec

Security Database

CVE

CWE

Training

CVE-2011-1006

Published: Mar 22, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=678107

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download

x_refsource_CONFIRM

http://libcg.git.sourceforge.net/git/gitweb.cgi?p=libcg/libcg%3Ba=commit%3Bh=5ae8aea1ecd60c439121d3329d8eaabf13d292c1

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2011:0316

vendor-advisory

x_refsource_SUSE

FEDORA-2011-2631

vendor-advisory

x_refsource_FEDORA

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_VUPEN

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

FEDORA-2011-2638

vendor-advisory

x_refsource_FEDORA

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.