Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-1022

Опубликовано: 22 мар. 2011
Источник: nvd
CVSS2: 2.1
EPSS Низкий

Описание

The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:balbir_singh:libcgroup:*:*:*:*:*:*:*:*
Версия до 0.37 (включая)
cpe:2.3:a:balbir_singh:libcgroup:0.1b:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.1c:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.2:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.3:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.31:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.32:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.32.1:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.32.2:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.33:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.34:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.35:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.35.1:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.36:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.36.1:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.36.2:*:*:*:*:*:*:*
cpe:2.3:a:balbir_singh:libcgroup:0.37:rc1:*:*:*:*:*:*

EPSS

Процентиль: 26%
0.00086
Низкий

2.1 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2011-1022

ubuntu
больше 14 лет назад

The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.

redhat логотип

CVE-2011-1022

redhat
больше 14 лет назад

The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.

debian логотип

CVE-2011-1022

debian
больше 14 лет назад

The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrul ...

github логотип

GHSA-669f-5h8c-h58m

github
около 3 лет назад

The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.

oracle-oval логотип

ELSA-2011-0320

oracle-oval
больше 14 лет назад

ELSA-2011-0320: libcgroup security update (IMPORTANT)

EPSS

Процентиль: 26%
0.00086
Низкий

2.1 Low

CVSS2

Дефекты

CWE-264