Unrated severityNVD Advisory· Published Mar 22, 2011· Updated Jun 16, 2026
CVE-2011-1022
CVE-2011-1022
Description
The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:a:balbir_singh:libcgroup:*:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:balbir_singh:libcgroup:*:*:*:*:*:*:*:*range: <=0.37
- cpe:2.3:a:balbir_singh:libcgroup:0.1b:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.1c:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.31:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.32:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.32.1:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.32.2:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.33:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.34:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.35:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.35.1:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.36:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.36.1:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.36.2:*:*:*:*:*:*:*
- cpe:2.3:a:balbir_singh:libcgroup:0.37:rc1:*:*:*:*:*:*
- Range: <0.37.1
Patches
Vulnerability mechanics
References
23- bugs.debian.org/cgi-bin/bugreport.cginvdPatch
- openwall.com/lists/oss-security/2011/02/25/11nvdPatch
- openwall.com/lists/oss-security/2011/02/25/12nvdPatch
- openwall.com/lists/oss-security/2011/02/25/6nvdPatch
- openwall.com/lists/oss-security/2011/02/25/9nvdPatch
- sourceforge.net/mailarchive/message.phpnvdPatch
- sourceforge.net/mailarchive/message.phpnvdPatch
- sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/downloadnvdPatch
- bugzilla.redhat.com/show_bug.cginvdPatch
- secunia.com/advisories/43611nvdVendor Advisory
- secunia.com/advisories/43758nvdVendor Advisory
- www.vupen.com/english/advisories/2011/0679nvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2011-March/056683.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-March/056734.htmlnvd
- lists.opensuse.org/opensuse-updates/2011-04/msg00027.htmlnvd
- openwall.com/lists/oss-security/2011/02/25/14nvd
- secunia.com/advisories/43891nvd
- secunia.com/advisories/44093nvd
- www.debian.org/security/2011/dsa-2193nvd
- www.redhat.com/support/errata/RHSA-2011-0320.htmlnvd
- www.securityfocus.com/bid/46578nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2011/0774nvd
News mentions
0No linked articles in our index yet.