oss-sec mailing list archives
libcap/capsh: does not chdir after chroot
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Tue, 01 Nov 2011 20:54:37 +0530
Hi All, It was found that capsh program, usually shipped with the libcap package, did not do a chdir("/") after calling chroot, when called with a "--chroot" option. This resulted in the current directory being outside the chroot. This has been assigned CVE-2011-4099 Reference: https://bugzilla.redhat.com/show_bug.cgi?id=722694 -- Huzaifa Sidhpurwala / Red Hat Security Response Team
Current thread:
- libcap/capsh: does not chdir after chroot Huzaifa Sidhpurwala (Nov 01)