CVE-2011-1006 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-1006 Interim 1 27 2025-11-05T05:50:40Z current 2021-05-30T12:56:35Z 2025-11-05T05:50:40Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-1006 Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MRJCRTNKYOCZRTJU7NWI4JJU22523JSM/#MRJCRTNKYOCZRTJU7NWI4JJU22523JSM E-Mail link for SUSE-SR:2011:007 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 openSUSE Tumbleweed libcgroup-devel-0.41-2.8 libcgroup-devel-0.41.rc1-1.30 libcgroup-devel-0.41.rc1-2.34 libcgroup-devel-0.41.rc1-4.1 libcgroup-devel-0.41.rc1-9.1 libcgroup-tools-0.41-2.8 libcgroup-tools-0.41.rc1-1.30 libcgroup-tools-0.41.rc1-4.1 libcgroup-tools-0.41.rc1-9.1 libcgroup1-0.34-2.5.1 libcgroup1-0.37.1-5.16.1 libcgroup1-0.41-2.8 libcgroup1-0.41.rc1-1.30 libcgroup1-0.41.rc1-2.34 libcgroup1-0.41.rc1-4.1 libcgroup1-0.41.rc1-9.1 libcgroup1-32bit-0.41-2.8 libcgroup1-0.41.rc1-1.30 as a component of SUSE Linux Enterprise Desktop 12 libcgroup1-0.41.rc1-4.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 libcgroup1-0.41.rc1-4.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 libcgroup1-0.41.rc1-9.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 libcgroup1-0.34-2.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA libcgroup1-0.34-2.5.1 as a component of SUSE Linux Enterprise Server 11 SP2 libcgroup1-0.37.1-5.16.1 as a component of SUSE Linux Enterprise Server 11 SP3 libcgroup1-0.41.rc1-2.34 as a component of SUSE Linux Enterprise Server 11 SP4 libcgroup-tools-0.41.rc1-1.30 as a component of SUSE Linux Enterprise Server 12 libcgroup1-0.41.rc1-1.30 as a component of SUSE Linux Enterprise Server 12 libcgroup-tools-0.41.rc1-4.1 as a component of SUSE Linux Enterprise Server 12 SP1 libcgroup1-0.41.rc1-4.1 as a component of SUSE Linux Enterprise Server 12 SP1 libcgroup-tools-0.41.rc1-4.1 as a component of SUSE Linux Enterprise Server 12 SP2 libcgroup1-0.41.rc1-4.1 as a component of SUSE Linux Enterprise Server 12 SP2 libcgroup-tools-0.41.rc1-9.1 as a component of SUSE Linux Enterprise Server 12 SP3 libcgroup1-0.41.rc1-9.1 as a component of SUSE Linux Enterprise Server 12 SP3 libcgroup-tools-0.41.rc1-4.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libcgroup1-0.41.rc1-4.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libcgroup-devel-0.41.rc1-2.34 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libcgroup1-0.41.rc1-2.34 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libcgroup-devel-0.41.rc1-1.30 as a component of SUSE Linux Enterprise Software Development Kit 12 libcgroup-devel-0.41.rc1-4.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP1 libcgroup-devel-0.41.rc1-4.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 libcgroup-devel-0.41.rc1-9.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 libcgroup-devel-0.41-2.8 as a component of openSUSE Tumbleweed libcgroup-tools-0.41-2.8 as a component of openSUSE Tumbleweed libcgroup1-0.41-2.8 as a component of openSUSE Tumbleweed libcgroup1-32bit-0.41-2.8 as a component of openSUSE Tumbleweed Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries. CVE-2011-1006 SUSE Linux Enterprise Desktop 12:libcgroup1-0.41.rc1-1.30 SUSE Linux Enterprise Desktop 12 SP1:libcgroup1-0.41.rc1-4.1 SUSE Linux Enterprise Desktop 12 SP2:libcgroup1-0.41.rc1-4.1 SUSE Linux Enterprise Desktop 12 SP3:libcgroup1-0.41.rc1-9.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:libcgroup1-0.34-2.5.1 SUSE Linux Enterprise Server 11 SP2:libcgroup1-0.34-2.5.1 SUSE Linux Enterprise Server 11 SP3:libcgroup1-0.37.1-5.16.1 SUSE Linux Enterprise Server 11 SP4:libcgroup1-0.41.rc1-2.34 SUSE Linux Enterprise Server 12:libcgroup-tools-0.41.rc1-1.30 SUSE Linux Enterprise Server 12:libcgroup1-0.41.rc1-1.30 SUSE Linux Enterprise Server 12 SP1:libcgroup-tools-0.41.rc1-4.1 SUSE Linux Enterprise Server 12 SP1:libcgroup1-0.41.rc1-4.1 SUSE Linux Enterprise Server 12 SP2:libcgroup-tools-0.41.rc1-4.1 SUSE Linux Enterprise Server 12 SP2:libcgroup1-0.41.rc1-4.1 SUSE Linux Enterprise Server 12 SP3:libcgroup-tools-0.41.rc1-9.1 SUSE Linux Enterprise Server 12 SP3:libcgroup1-0.41.rc1-9.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libcgroup-tools-0.41.rc1-4.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libcgroup1-0.41.rc1-4.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libcgroup-devel-0.41.rc1-2.34 SUSE Linux Enterprise Software Development Kit 11 SP4:libcgroup1-0.41.rc1-2.34 SUSE Linux Enterprise Software Development Kit 12:libcgroup-devel-0.41.rc1-1.30 SUSE Linux Enterprise Software Development Kit 12 SP1:libcgroup-devel-0.41.rc1-4.1 SUSE Linux Enterprise Software Development Kit 12 SP2:libcgroup-devel-0.41.rc1-4.1 SUSE Linux Enterprise Software Development Kit 12 SP3:libcgroup-devel-0.41.rc1-9.1 openSUSE Tumbleweed:libcgroup-devel-0.41-2.8 openSUSE Tumbleweed:libcgroup-tools-0.41-2.8 openSUSE Tumbleweed:libcgroup1-0.41-2.8 openSUSE Tumbleweed:libcgroup1-32bit-0.41-2.8 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C