libcap-2.48-9.el9

エラータID: AXSA:2023-6399:02

Release date: 
Wednesday, September 20, 2023 - 04:22
Subject: 
libcap-2.48-9.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

Libcap is a library for getting and setting POSIX.1e (formerly POSIX 6) draft 15 capabilities.

Security Fix(es):

* libcap: Integer Overflow in _libcap_strdup() (CVE-2023-2603)
* libcap: Memory Leak on pthread_create() Error (CVE-2023-2602)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-2602
A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.
CVE-2023-2603
A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.

Solution: 

Update packages.

CVEs: 
CVE-2023-2602
A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.
CVE-2023-2603
A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.
Additional Info: 

N/A

Download: 

SRPMS
  1. libcap-2.48-9.el9.src.rpm
    MD5: 46d460ef6eff6d9a0e18b13e90ed9480
    SHA-256: 8767b3b5bbdbbc23de0b44ace90a906a071d6036a7b7ea9ea94b169f3832b22e
    Size: 194.29 kB

Asianux Server 9 for x86_64
  1. libcap-2.48-9.el9.i686.rpm
    MD5: 2698ab782001e88950c7368d28dd258f
    SHA-256: 3bf43b14ef0e894cedc392f639c7791341da306d19937d6ad04e59700e10751d
    Size: 68.27 kB
  2. libcap-2.48-9.el9.x86_64.rpm
    MD5: 07d5b1638f0f6c0df87d6b0a845b8744
    SHA-256: fab86ccda41c0ea0fd6d6e6197b745390ac6c8c90ca45e2f5bbc3856ff331009
    Size: 66.69 kB
  3. libcap-devel-2.48-9.el9.i686.rpm
    MD5: 95d4bf8aa9dd7a24071392dcbaf653a3
    SHA-256: 4c52a4c54a88779001dd46dd3111a7b5529838f75675d5a1629fc93faebb8d95
    Size: 32.97 kB
  4. libcap-devel-2.48-9.el9.x86_64.rpm
    MD5: 1ed418b9a8170e7796d442d82e7b5417
    SHA-256: 5a17902bc4828fbc9493cbe0b03394fe5a064798bf7302130583fe50b035fd90
    Size: 32.96 kB