It was discovered that libcgroup did not properly check the origin of Netlink messages. A local attacker could use this flaw to send crafted Netlink messages to the cgrulesengd daemon, causing it to put processes into one or more existing control groups, based on the attacker's choosing, possibly allowing the particular tasks to run with more resources (memory, CPU, etc.) than originally intended. References: [1] http://sourceforge.net/mailarchive/message.php?msg_id=27102603 CVE Request: [2] http://www.openwall.com/lists/oss-security/2011/02/25/6 CVE Assignment: [3] http://www.openwall.com/lists/oss-security/2011/02/25/9
This issue affects the version of the libcgroup package, as shipped with Red Hat Enterprise Linux 6. -- This issue affects the versions of the libcgroup package, as shipped with Fedora release of 13 and 14. Please schedule an update.
Created libcgroup tracking bugs for this issue Affects: fedora-all [bug 680412]
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0320 https://rhn.redhat.com/errata/RHSA-2011-0320.html