
1.116. libcgroup

1.116.1. RHSA-2011:0320: Important security update

Updated libcgroup packages that fix two security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
The libcgroup packages provide tools and libraries to control and monitor control groups.
A heap-based buffer overflow flaw was found in the way libcgroup converted a list of user-provided controllers for a particular task into an array of strings. A local attacker could use this flaw to escalate their privileges via a specially-crafted list of controllers. (CVE-2011-1006)
It was discovered that libcgroup did not properly check the origin of Netlink messages. A local attacker could use this flaw to send crafted Netlink messages to the cgrulesengd daemon, causing it to put processes into one or more existing control groups of the attacker's choosing, possibly allowing the particular tasks to run with more resources (memory, CPU, etc.) than originally intended. (CVE-2011-1022)
Red Hat would like to thank Nelson Elhage for reporting the CVE-2011-1006 issue.
All libcgroup users should upgrade to these updated packages, which contain backported patches to correct these issues.
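The origin check that CVE-2011-1022 concerns, as an added example (this is not the libcgroup patch): a receiver of kernel Netlink events reads the sender address filled in by recvfrom() and drops any datagram whose port ID is not 0, the value the kernel sends with. The function names are hypothetical and the sender addresses in main() are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <linux/netlink.h>

/* Hypothetical helper: returns 1 if the source address identifies the kernel. */
int nl_sender_is_kernel(const struct sockaddr_nl *from, socklen_t from_len)
{
    if (from == NULL || from_len != sizeof(*from))
        return 0;                 /* missing or truncated source address */
    if (from->nl_family != AF_NETLINK)
        return 0;
    /* The kernel sends with port ID 0; user-space sockets are bound to a
     * non-zero port ID, so anything else is a local process. */
    return from->nl_pid == 0;
}

/* Hypothetical wrapper: returns the number of bytes received, 0 if the
 * datagram was dropped because it did not come from the kernel, -1 on error. */
ssize_t recv_kernel_msg(int sk, void *buf, size_t len)
{
    struct sockaddr_nl from;
    socklen_t from_len = sizeof(from);
    ssize_t n;

    memset(&from, 0, sizeof(from));
    n = recvfrom(sk, buf, len, 0, (struct sockaddr *)&from, &from_len);
    if (n < 0)
        return -1;
    return nl_sender_is_kernel(&from, from_len) ? n : 0;
}

int main(void)
{
    /* Constructed sender addresses, as recvfrom() would fill them in. */
    struct sockaddr_nl kernel = { .nl_family = AF_NETLINK, .nl_pid = 0 };
    struct sockaddr_nl local  = { .nl_family = AF_NETLINK, .nl_pid = 4242 };

    printf("kernel sender accepted: %d\n",
           nl_sender_is_kernel(&kernel, sizeof(kernel)));
    printf("local sender accepted:  %d\n",
           nl_sender_is_kernel(&local, sizeof(local)));
    return 0;
}
```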

1.116.2. RHBA-2011:0577: bug fix and enhancement update

Updated libcgroup packages that fix several bugs and add an enhancement are now available for Red Hat Enterprise Linux 6.
The libcgroup packages provide tools and libraries to control and monitor control groups.
These updated libcgroup packages provide fixes for the following bugs:
  • With this update, the cgred and cgconfig services return proper exit codes when an error occurs. (BZ#620368)
  • The cgconfig service was erroneously setting values of configured parameters in the reverse of the order in which they were written in the /etc/cgconfig.conf file. With this update, the cgconfig service now correctly sets parameter values in the same order as they appear in the configuration file. (BZ#622462)
  • The cgget command (which prints parameters of given cgroups) did not correctly display information about resource controllers due to a small buffer size. With this update, the buffer is no longer limited in size and the cgget command displays correct information. (BZ#626127)
  • The cgcreate command changed the current working directory when creating a cgroup. The command restored the working directory to the previous location; however, some directory changes could have been refused (for example, by SELinux, resulting in cryptic security denials). With this update, the cgcreate command no longer changes the current working directory and therefore no longer incurs any SELinux denials. (BZ#628895)
  • After re-mounting a hierarchy of cgroups, the lssubsys command displayed incorrect information about the mounted hierarchies. This update fixes the faulty parsing of mounted hierarchies, which are now displayed correctly. (BZ#635984)
  • The cgred service failed to start if the cgconfig service was not running and returned the following error: "libcgroup initialization failed, 50001". With this update, a more human-readable error message is returned when the cgred service is started before the cgconfig service. (BZ#650984)
  • The cgclassify command returned exit code 1 even if no errors occurred. With this update, exit code 0 is returned in the aforementioned case. (BZ#667957)
  • The /etc/cgconfig.conf file could not contain parameter values with special characters such as commas. Therefore, it was not possible to set certain values for some parameters (for example, cpuset.cpus=0,2). With this update, the cgconfig.conf parser allows parameter values to be enclosed in double quotes, inside which special characters can be used (for example, cpuset.cpus="0,2"). (BZ#679698)
In addition, these updated packages provide the following enhancement:
  • The libcgroup package now includes the cgsnapshot tool which is used to write the current state of control groups to a configuration file. (BZ#649195)
Users are advised to upgrade to these updated libcgroup packages, which resolve these issues and add this enhancement.