Bug 2215549

Summary: Impact of CVE-2023-2603 and CVE-2023-2602 on in RHEL UBI 8.8
Product: Red Hat Enterprise Linux 8 Reporter: Gandhimathy <gandhi.srini>
Component: libcapAssignee: Anderson Sasaki <ansasaki>
Status: CLOSED DEFERRED QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.8CC: ansasaki, rsroka
Target Milestone: rcKeywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-07-27 08:45:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Gandhimathy 2023-06-16 13:09:50 UTC 
Is RHEL 8.8 UBI is affected by CVE-2023-2603  ?

The level in our image is 'libcap-2.48-4.el8.x86_64'
Comment 1 Anderson Sasaki 2023-06-27 08:48:50 UTC 
(In reply to Gandhimathy from comment #0)
> Is RHEL 8.8 UBI is affected by CVE-2023-2603  ?
> 
> The level in our image is 'libcap-2.48-4.el8.x86_64'

Yes, it is affected by both CVE-2023-2602 and CVE-2023-2603.
Comment 2 Gandhimathy 2023-07-23 07:33:16 UTC 
When these vulnerabilities (CVE-2023-2602 and CVE-2023-2603)are getting fixed.
Comment 3 Anderson Sasaki 2023-07-27 08:45:32 UTC 
Sorry, but I cannot provide precise dates.
Note that the Red Hat bugzilla is not a support tool. Please contact your Red Hat support representative at https://access.redhat.com to help you address that issue.