Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 372985 - <dev-libs/libcgroup-0.38: intended resource restriction bypass (CVE-2011-{1006,1022})
Summary: <dev-libs/libcgroup-0.38: intended resource restriction bypass (CVE-2011-{100...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial with 1 vote (vote)
Assignee: Gentoo Security
URL:
Whiteboard: ~1 [noglsa]
Keywords:
: 417963 (view as bug list)
Depends on: 437856
Blocks:
  Show dependency tree
 
Reported: 2011-06-25 13:00 UTC by GLSAMaker/CVETool Bot
Modified: 2012-11-27 12:02 UTC (History)
7 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2011-06-25 13:00:32 UTC 
CVE-2011-1022 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1022):
  The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd
  in the Control Group Configuration Library (aka libcgroup or libcg) before
  0.37.1 does not verify that netlink messages originated in the kernel, which
  allows local users to bypass intended resource restrictions via a crafted
  message.


Please punt older versions.
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2011-07-11 23:31:57 UTC 
CVE-2011-1006 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1006):
  Heap-based buffer overflow in the parse_cgroup_spec function in
  tools/tools-common.c in the Control Group Configuration Library (aka
  libcgroup or libcg) before 0.37.1 allows local users to gain privileges via
  a crafted controller list on the command line of an application.  NOTE: it
  is not clear whether this issue crosses privilege boundaries.
Comment 2 Andreis Vinogradovs ( slepnoga ) 2012-05-28 10:50:23 UTC 
New version available http://sourceforge.net/projects/libcg/files/libcgroup/v.038/
relised 	2012-02-20
Comment 3 Alex Legler (RETIRED) archtester gentoo-dev Security 2012-05-28 11:07:07 UTC 
*** Bug 417963 has been marked as a duplicate of this bug. ***
Comment 4 Jaak Ristioja 2012-08-09 19:48:08 UTC 
Why is this taking so long?!
Comment 5 Maxim Koltsov (RETIRED) gentoo-dev 2012-11-26 18:46:32 UTC 
Version 0.38 was added to tree, it does not have the vulnerability. Please clean old versions.
Comment 6 Andreis Vinogradovs ( slepnoga ) 2012-11-27 07:15:08 UTC 
due #437856 resolved, please drop affected version from tree
Comment 7 Sergey Popov gentoo-dev 2012-11-27 07:46:41 UTC 
+  27 Nov 2012; Sergey Popov <pinkbyte@gentoo.org> -libcgroup-0.37-r2.ebuild,
+  -files/libcgroup-0.37-wildcard-substitutions.patch:
+  Drop vulnerable versions, wrt bug #372985

Also, adding missing maintaining herd(proxy maintainers) to CC
Comment 8 Sean Amoss (RETIRED) gentoo-dev Security 2012-11-27 12:02:51 UTC 
Thanks, everyone.

Closing noglsa for ~arch only.