Bug 2215549 - Impact of CVE-2023-2603 and CVE-2023-2602 on in RHEL UBI 8.8
Summary: Impact of CVE-2023-2603 and CVE-2023-2602 on in RHEL UBI 8.8
Keywords:
Status: CLOSED DEFERRED
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: libcap
Version: 8.8
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Anderson Sasaki
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-06-16 13:09 UTC by Gandhimathy
Modified: 2023-07-27 08:45 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-07-27 08:45:32 UTC
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-160085 0 None None None 2023-06-16 13:10:42 UTC
Red Hat Issue Tracker SECENGSP-5255 0 None None None 2023-06-16 13:10:52 UTC

Description Gandhimathy 2023-06-16 13:09:50 UTC 
Is RHEL 8.8 UBI is affected by CVE-2023-2603  ?

The level in our image is 'libcap-2.48-4.el8.x86_64'
Comment 1 Anderson Sasaki 2023-06-27 08:48:50 UTC 
(In reply to Gandhimathy from comment #0)
> Is RHEL 8.8 UBI is affected by CVE-2023-2603  ?
> 
> The level in our image is 'libcap-2.48-4.el8.x86_64'

Yes, it is affected by both CVE-2023-2602 and CVE-2023-2603.
Comment 2 Gandhimathy 2023-07-23 07:33:16 UTC 
When these vulnerabilities (CVE-2023-2602 and CVE-2023-2603)are getting fixed.
Comment 3 Anderson Sasaki 2023-07-27 08:45:32 UTC 
Sorry, but I cannot provide precise dates.
Note that the Red Hat bugzilla is not a support tool. Please contact your Red Hat support representative at https://access.redhat.com to help you address that issue.
Note You need to log in before you can comment on or make changes to this bug.