libcgroup-devel-0.41-2.8 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10391 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libcgroup-devel-0.41-2.8 on GA media These are all security issues fixed in the libcgroup-devel-0.41-2.8 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10391 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10391 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2011-1006/ SUSE CVE CVE-2011-1006 page https://www.suse.com/security/cve/CVE-2011-1022/ SUSE CVE CVE-2011-1022 page openSUSE Tumbleweed libcgroup-devel-0.41-2.8 libcgroup-tools-0.41-2.8 libcgroup1-0.41-2.8 libcgroup1-32bit-0.41-2.8 libcgroup-devel-0.41-2.8 as a component of openSUSE Tumbleweed libcgroup-tools-0.41-2.8 as a component of openSUSE Tumbleweed libcgroup1-0.41-2.8 as a component of openSUSE Tumbleweed libcgroup1-32bit-0.41-2.8 as a component of openSUSE Tumbleweed Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries. CVE-2011-1006 openSUSE Tumbleweed:libcgroup-devel-0.41-2.8 openSUSE Tumbleweed:libcgroup-tools-0.41-2.8 openSUSE Tumbleweed:libcgroup1-0.41-2.8 openSUSE Tumbleweed:libcgroup1-32bit-0.41-2.8 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-1006.html CVE-2011-1006 https://bugzilla.suse.com/675506 SUSE Bug 675506 The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message. CVE-2011-1022 openSUSE Tumbleweed:libcgroup-devel-0.41-2.8 openSUSE Tumbleweed:libcgroup-tools-0.41-2.8 openSUSE Tumbleweed:libcgroup1-0.41-2.8 openSUSE Tumbleweed:libcgroup1-32bit-0.41-2.8 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-1022.html CVE-2011-1022 https://bugzilla.suse.com/675048 SUSE Bug 675048