Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 2.1
CVE Id CVE-2011-1022
Last Modified 06 Sep 2011 11:15:15
Published 22 Mar 2011 01:55:01
Confidentiality Impact NONE
Integrity Impact PARTIAL
Availability Impact NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-1022

Summary

The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.

Vulnerable Systems

Application

  • Balbir Singh Libcgroup 0.1b

  • Balbir Singh Libcgroup 0.1c

  • Balbir Singh Libcgroup 0.2

  • Balbir Singh Libcgroup 0.3

  • Balbir Singh Libcgroup 0.31

  • Balbir Singh Libcgroup 0.32

  • Balbir Singh Libcgroup 0.32.1

  • Balbir Singh Libcgroup 0.32.2

  • Balbir Singh Libcgroup 0.33

  • Balbir Singh Libcgroup 0.34

  • Balbir Singh Libcgroup 0.35

  • Balbir Singh Libcgroup 0.35.1

  • Balbir Singh Libcgroup 0.36

  • Balbir Singh Libcgroup 0.36.1

  • Balbir Singh Libcgroup 0.36.2

  • Balbir Singh Libcgroup 0.37


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=680409

CONFIRM - http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download

MLIST - [libcg-devel] 20110218 [PATCH 2/2] cgrulesengd: Ignore netlink messages that don't come from the kernel.

MLIST - [libcg-devel] 20101115 Fwd: libcgroup netlink

MLIST - [oss-security] 20110225 Re: CVE request: libcgroup: Failure to verify netlink messages

MLIST - [oss-security] 20110224 CVE request: libcgroup: Failure to verify netlink messages

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615987

VUPEN - ADV-2011-0774

VUPEN - ADV-2011-0679

SECTRACK - 1025157

BID - 46578

REDHAT - RHSA-2011:0320

DEBIAN - DSA-2193

SECUNIA - 44093

SECUNIA - 43891

SECUNIA - 43758

SECUNIA - 43611

SUSE - openSUSE-SU-2011:0316

FEDORA - FEDORA-2011-2638

FEDORA - FEDORA-2011-2631


Last Updated: 27 May 2016 10:56:07