CVE-2018-14348

CVE-2018-14348 affects libcgroup up to 0.41, where cgrulesengd creates /var/log/cgred with mode 0666 regardless of umask, leading to information disclosure. Connected sources confirm patched releases (e.g., 0.41-23 and later) are available; multiple vendors (Debian, Red Hat, CentOS/Amazon Linux, ...