libcgroup1: Fixed heap-based buffer overflow in libcgroup
This update fixes two security bugs in libcgroup1:
- libcgroup suffered from a heap-based buffer overflow (CVE-2011-1006).
- The cgrulesengd daemon did not verify the origin of netlink messages, allowing local users to spoof events (CVE-2011-1022).
- Submitted by Adrian Schröter (adrianSuSE)
- Version 4148
Fixed bugs
bnc#675506
VUL-0: libcgroup1: Heap-based buffer overflow in libcgroup, CVE-2011-1006
bnc#675048
VUL-0: libcgroup1: Failure to verify netlink messages
CVE-2011-1006
Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line
CVE-2011-1022
The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypa
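The kind of origin check that CVE-2011-1022 says was missing from cgre_receive_netlink_msg, shown as an added example; it is not the libcgroup patch or code from this update. The helper names netlink_sender_is_kernel and recv_kernel_netlink are hypothetical, and the sample addresses in main are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <linux/netlink.h>

/* Hypothetical helper: return 1 only if the sender address identifies the
 * kernel. Kernel-originated netlink messages carry nl_pid == 0; any other
 * port ID belongs to a userspace socket and must not be trusted. */
int netlink_sender_is_kernel(const struct sockaddr_nl *from, socklen_t len)
{
    if (from == NULL || len != sizeof(*from))
        return 0;                 /* missing or truncated sender address */
    if (from->nl_family != AF_NETLINK)
        return 0;                 /* not a netlink address at all */
    return from->nl_pid == 0;     /* 0 is reserved for the kernel */
}

/* Hypothetical wrapper: receive one datagram and keep it only if it came
 * from the kernel. Returns the byte count, 0 if the message was dropped,
 * or -1 on a receive error. */
ssize_t recv_kernel_netlink(int fd, void *buf, size_t buflen)
{
    struct sockaddr_nl from;
    socklen_t from_len = sizeof(from);
    ssize_t n;

    memset(&from, 0, sizeof(from));
    /* recvfrom() rather than recv(): the sender address is what we verify. */
    n = recvfrom(fd, buf, buflen, 0, (struct sockaddr *)&from, &from_len);
    if (n < 0)
        return -1;
    if (!netlink_sender_is_kernel(&from, from_len))
        return 0;                 /* userspace sender: ignore the event */
    return n;
}

int main(void)
{
    struct sockaddr_nl kernel, user;   /* constructed sample addresses */

    memset(&kernel, 0, sizeof(kernel));
    kernel.nl_family = AF_NETLINK;     /* nl_pid stays 0: the kernel */
    user = kernel;
    user.nl_pid = 4242;                /* a local process's port ID */
    printf("kernel sender accepted: %d\n", netlink_sender_is_kernel(&kernel, sizeof(kernel)));
    printf("local sender accepted:  %d\n", netlink_sender_is_kernel(&user, sizeof(user)));
    return 0;
}
```

A daemon that skips this check and acts on any datagram arriving on its netlink socket treats a message from a local process the same as a kernel event.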