INFSA-2023:5071: libcap security update
Information about definition
Identificator: INFSA-2023:5071
Type: security
Release date: 2025-03-05 17:51:24 UTC
Information about package
Libcap is a library for getting and setting POSIX.1e (formerly POSIX 6) draft 15 capabilities.
Vulnerabilities description
- CVE-2023-2602
A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.
- CVE-2023-2603
A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-2602
|
no information | 3.3 | no information |
|
NIST — CVE-2023-2603
|
no information | 7.8 | no information |
Updated packages