VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 22, 2011· Updated Apr 29, 2026

CVE-2011-1006

CVE-2011-1006

Description

Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries.

Affected products

17
  • Balbir Singh/Libcgroup17 versions
    cpe:2.3:a:balbir_singh:libcgroup:*:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:balbir_singh:libcgroup:*:*:*:*:*:*:*:*range: <=0.37
    • cpe:2.3:a:balbir_singh:libcgroup:0.1b:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.1c:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.31:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.32:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.32.1:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.32.2:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.33:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.34:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.35:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.35.1:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.36:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.36.1:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.36.2:*:*:*:*:*:*:*
    • cpe:2.3:a:balbir_singh:libcgroup:0.37:rc1:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

16

News mentions

0

No linked articles in our index yet.