Scientific Linux Security Update : libcgroup on SL6.x i386/x86_64

high Nessus Plugin ID 60979

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

A heap-based buffer overflow flaw was found in the way libcgroup converted a list of user-provided controllers for a particular task into an array of strings. A local attacker could use this flaw to escalate their privileges via a specially crafted list of controllers.
(CVE-2011-1006)

It was discovered that libcgroup did not properly check the origin of Netlink messages. A local attacker could use this flaw to send crafted Netlink messages to the cgrulesengd daemon, causing it to put processes into one or more existing control groups, based on the attacker's choosing, possibly allowing the particular tasks to run with more resources (memory, CPU, etc.) than originally intended.
(CVE-2011-1022)

Solution

Update the affected libcgroup, libcgroup-devel and / or libcgroup-pam packages.

See Also

http://www.nessus.org/u?b1b5605a

Plugin Details

Severity: High

ID: 60979

File Name: sl_20110303_libcgroup_on_SL6_x.nasl

Version: 1.7

Type: local

Agent: unix

Published: 8/1/2012

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 3/3/2011

Reference Information

CVE: CVE-2011-1006, CVE-2011-1022