| Revision Date: | 2014-06-23 | Version: | 19 |
| Title: | DSA-2193-1 libcgroup -- several |
| Description: | Several issues have been discovered in libcgroup, a library to control and monitor control groups: CVE-2011-1006 Heap-based buffer overflow by converting list of controllers for given task into an array of strings could lead to privilege escalation by a local attacker. CVE-2011-1022 libcgroup did not properly check the origin of Netlink messages, allowing a local attacker to send crafted Netlink messages which could lead to privilege escalation. The oldstable distribution does not contain libgroup packages. |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CVE-2011-1006
CVE-2011-1022
DSA-2193-1
|
| Platform(s): | Debian GNU/kFreeBSD 6.0
Debian GNU/Linux 6.0
| Product(s): | libcgroup
|
| Definition Synopsis |
| Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel
Debian GNU/Linux is installed
OR Debian GNU/kFreeBSD is installed
AND Installed architecture is all
AND libcgroup DPKG is earlier than 0.36.2-3+squeeze1
|