CVE-2011-1006

2011-03-22T13:55:01
ID CVE-2011-1006
Type cve
Reporter NVD
Modified 2011-04-20T22:33:16

Description

Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries.