Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 730
Alerts This Week
Warning Icon 1 730

Fedora 38: Critical Integer Overflow and Memory Leak Resolution in libcap

fedora
Calendar Grey November 30, 2023
Dist Fedora Esm H88
Boost the security of Fedora 38 by updating libcap to mitigate issues such as buffer overflows and memory corruption.
Backport fix for CVE-2023-2602 and CVE-2023-2603

Summary

libcap is a library for getting and setting POSIX.1e (formerly POSIX 6)

draft 15 capabilities.

Update Information:

Backport fix for CVE-2023-2602 and CVE-2023-2603

Change Log

* Wed Nov 22 2023 Carlos Rodriguez-Fernandez - 2.48-7 - Backport fix for CVE-2023-2602 and CVE-2023-2603

References


[ 1 ] Bug #2210635 - CVE-2023-2603 libcap: Integer Overflow in _libcap_strdup() [fedora-38] https://bugzilla.redhat.com/show_bug.cgi?id=2210635 [ 2 ] Bug #2210643 - CVE-2023-2602 libcap: Memory Leak on pthread_create() Error [fedora-38] https://bugzilla.redhat.com/show_bug.cgi?id=2210643

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-5911638116' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libcap
Product: Fedora 38
Version: 2.48
Release: 7.fc38
Summary: Library for getting and setting POSIX.1e capabilities

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.