Executive Summary
Summary | |
---|---|
Title | libcgroup security update |
Informations | |||
---|---|---|---|
Name | RHSA-2011:0320 | First vendor Publication | 2011-03-03 |
Vendor | RedHat | Last vendor Modification | 2011-03-03 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated libcgroup packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The libcgroup packages provide tools and libraries to control and monitor control groups. A heap-based buffer overflow flaw was found in the way libcgroup converted a list of user-provided controllers for a particular task into an array of strings. A local attacker could use this flaw to escalate their privileges via a specially-crafted list of controllers. (CVE-2011-1006) It was discovered that libcgroup did not properly check the origin of Netlink messages. A local attacker could use this flaw to send crafted Netlink messages to the cgrulesengd daemon, causing it to put processes into one or more existing control groups, based on the attacker's choosing, possibly allowing the particular tasks to run with more resources (memory, CPU, etc.) than originally intended. (CVE-2011-1022) Red Hat would like to thank Nelson Elhage for reporting the CVE-2011-1006 issue. All libcgroup users should upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 678107 - CVE-2011-1006 libcgroup: Heap-based buffer overflow by converting list of controllers for given task into an array of strings 680409 - CVE-2011-1022 libcgroup: Uncheck origin of NETLINK messages |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2011-0320.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12695 | |||
Oval ID: | oval:org.mitre.oval:def:12695 | ||
Title: | DSA-2193-1 libcgroup -- several | ||
Description: | Several issues have been discovered in libcgroup, a library to control and monitor control groups: CVE-2011-1006 Heap-based buffer overflow by converting list of controllers for given task into an array of strings could lead to privilege escalation by a local attacker. CVE-2011-1022 libcgroup did not properly check the origin of Netlink messages, allowing a local attacker to send crafted Netlink messages which could lead to privilege escalation. The oldstable distribution does not contain libgroup packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2193-1 CVE-2011-1006 CVE-2011-1022 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | libcgroup |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21523 | |||
Oval ID: | oval:org.mitre.oval:def:21523 | ||
Title: | RHSA-2011:0320: libcgroup security update (Important) | ||
Description: | The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0320-01 CVE-2011-1006 CVE-2011-1022 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | libcgroup |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23544 | |||
Oval ID: | oval:org.mitre.oval:def:23544 | ||
Title: | ELSA-2011:0320: libcgroup security update (Important) | ||
Description: | The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0320-01 CVE-2011-1006 CVE-2011-1022 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | libcgroup |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28066 | |||
Oval ID: | oval:org.mitre.oval:def:28066 | ||
Title: | DEPRECATED: ELSA-2011-0320 -- libcgroup security update (important) | ||
Description: | [0.36-6.1] - Fixed buffer overflow when parsing cgexec command line parameters. - Added checking of source of netlink messages to cgrulesengd daemon. - Resolves: CVE-2011-1006 CVE-2011-1022 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0320 CVE-2011-1006 CVE-2011-1022 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | libcgroup |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-09 | Name : RedHat Update for libcgroup RHSA-2011:0320-01 File : nvt/gb_RHSA-2011_0320-01_libcgroup.nasl |
2011-06-03 | Name : Fedora Update for libcgroup FEDORA-2011-2570 File : nvt/gb_fedora_2011_2570_libcgroup_fc13.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2193-1 (libcgroup) File : nvt/deb_2193_1.nasl |
2011-04-01 | Name : Fedora Update for libcgroup FEDORA-2011-2631 File : nvt/gb_fedora_2011_2631_libcgroup_fc14.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
72519 | Control Group Configuration Library (libcgroup / libcg) tools/tools-common.c ... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libcgroup-devel-110304.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libcgroup-devel-110314.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0320.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110303_libcgroup_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2011-05-27 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2570.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libcgroup-devel-110304.nasl - Type : ACT_GATHER_INFO |
2011-04-11 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_libcgroup-devel-110303.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2631.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote Fedora host is missing a security update. File : fedora_2011-2638.nasl - Type : ACT_GATHER_INFO |
2011-03-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2193.nasl - Type : ACT_GATHER_INFO |
2011-03-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0320.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:54:26 |
|