Libcap Project

libcap_project

3 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-4878 2Libcap Project Redhat 3Enterprise Linux LibcapOpenshift Container Platform Jun 4, 2026 Apr 9, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory t...Show more A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.Show less
CVE-2023-2603 4Debian FedoraprojectLibcap Project+1 more 4Debian Linux Enterprise LinuxFedora+1 more Dec 2, 2025 Jun 6, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.
CVE-2023-2602 4Debian FedoraprojectLibcap Project+1 more 4Debian Linux Enterprise LinuxFedora+1 more Nov 21, 2024 Jun 6, 2023 N/A· v4 3.3 LOW· v3 N/A· v2 A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.