Advisories ยป MGASA-2023-0205

Updated libcap packages fix security vulnerability

Publication date: 28 Jun 2023
Modification date: 28 Jun 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-2602 , CVE-2023-2603


A vulnerability was found in the pthread_create() function in libcap. This
issue may allow a malicious actor to use cause __real_pthread_create() to
return an error, which can exhaust the process memory. (CVE-2023-2602)

A vulnerability was found in libcap. This issue occurs in the _libcap_strdup()
function and can lead to an integer overflow if the input string is close
to 4GiB. (CVE-2023-2603)