CVE-2011-1006

EPSS 0.13%

libcgroup - several

Published: 3/22/2011Modified: 3/9/2026

Also known as:DSA-2193-1DEBIAN-CVE-2011-1006

Description

Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries.

Affected packages (2)

Debian/libcgroupfrom 0, < 0.37.1-1
Debian/libcgroupfrom 0, < 0.36.2-3+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1006