← Back

CVE-2023-2602

nvd nist
Published: Jun 6, 2023Modified: Nov 21, 2024

JSON object

Loading...
3.3
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Exploitability: 1.8 / Impact: 1.4
Source: NVD

Description

A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.

Affected (10)

Show all products
Libcap Project: Libcap · Redhat: Enterprise Linux · Debian: Debian Linux · Fedoraproject: Fedora
Libcap Project
1 product
Libcap
Redhat
1 product
Enterprise Linux
Debian
1 product
Debian Linux
Fedoraproject
1 product
Fedora
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Libcap
Version 2.66
Configuration B
4 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Enterprise Linux
Version 6.0
Enterprise Linux
Version 7.0
Enterprise Linux
Version 8.0
Enterprise Linux
Version 9.0
Configuration C
3 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 10.0
Debian Linux
Version 11.0
Debian Linux
Version 12.0
Configuration D
2 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 37
Fedora
Version 38

Related CWEs

CWE-401
Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (8)

Source: secalert@redhat.com
Issue TrackingThird Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
ExploitTechnical Description
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitTechnical Description

Timeline

No history available yet.