Описание
The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 0.38-1ubuntu2 |
| dapper | DNE | |
| devel | not-affected | 0.38-1ubuntu2 |
| esm-apps/bionic | not-affected | 0.38-1ubuntu2 |
| esm-apps/xenial | not-affected | 0.38-1ubuntu2 |
| esm-infra-legacy/trusty | not-affected | 0.38-1ubuntu2 |
| hardy | DNE | |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
Показывать по
Ссылки на источники
EPSS
2.1 Low
CVSS2
Связанные уязвимости
The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.
The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.
The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrul ...
The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.
EPSS
2.1 Low
CVSS2