MidnightBSD

Advisories for libcap_project

CVE-2023-2602

A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory.

Products Affected

| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 11.0 |
| fedoraproject | fedora | 37 |
| debian | debian_linux | 10.0 |
| redhat | enterprise_linux | 9.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux | 8.0 |
| debian | debian_linux | 12.0 |
| fedoraproject | fedora | 38 |
| libcap_project | libcap | 2.66 |

CVE-2023-2603

A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.

Products Affected

| Vendor | Product | Version |
|---|---|---|
| libcap_project | libcap | * |
| debian | debian_linux | 11.0 |
| fedoraproject | fedora | 37 |
| redhat | enterprise_linux | 9.0 |
| redhat | enterprise_linux | 8.0 |
| fedoraproject | fedora | 38 |

CVE-2026-4878

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.

CVSS 3.x

| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| secalert@redhat.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 |

Products Affected

| Vendor | Product | Version |
|---|---|---|
| redhat | openshift_container_platform | 4.0 |
| redhat | enterprise_linux | 9.0 |
| redhat | enterprise_linux | 10.0 |
| redhat | enterprise_linux | 8.0 |
| libcap_project | libcap | - |