CVE-2023-2602

CVE-2023-2602 affects the libcap library via the pthread_create() path, where error handling can cause memory leakage and potential local denial of service. Connected advisories show multiple vendors applying fixes (e.g., libcap2 updates in Debian 11, Amazon Linux 2/2023, AlmaLinux, Cloud Foundry...

CVE-2023-2603

CVE-2023-2603 concerns libcap: an integer overflow in the internal function _libcap_strdup() when handling very large input strings (near 4 GiB). The issue is exploitable locally and is rated high severity (C/H/I/A). Multiple advisories confirm libcap2 updates to fix this, including Debian’s DLA-...

CVE-2026-4878

CVE-2026-4878 is a libcap TOCTOU race condition in cap_set_file() that could let a local attacker with write access to a parent directory inject or strip capabilities from executables, enabling privilege escalation. The connected advisories cite a fix in libcap (openSUSE openSUSE-SU-2026:20613-1;...