libcgroup1: Fixed heap-based buffer overflow in libcgroup
Two security bugfixes in libcgroup1 were done:
libcgroup suffered from a heap based buffer overflow
(CVE-2011-1006).
The cgrulesengd daemon did not verify the origin of netlink
messages, allowing local users to spoof events
(CVE-2011-1022).
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 4148
Fixed bugs
bnc#675048
VUL-0: libcgroup1: Failure to verify netlink messages
