CVE-2023-2603

Summary

CVE	CVE-2023-2603
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-06-06 20:15:00 UTC
Updated	2023-11-30 05:15:00 UTC
Description	A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.

Risk And Classification

Problem Types: CWE-190

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	11.0	All	All	All
Operating System	Fedoraproject	Fedora	37	All	All	All
Operating System	Fedoraproject	Fedora	38	All	All	All
Application	Libcap Project	Libcap	All	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All
Operating System	Redhat	Enterprise Linux	9.0	All	All	All

References

Reference	Source	Link	Tags
2209113 – (CVE-2023-2603) CVE-2023-2603 libcap: Integer Overflow in _libcap_strdup()	MISC	bugzilla.redhat.com
www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report...	MISC	www.x41-dsec.de
FEDORA-2023-5911638116		lists.fedoraproject.org
FEDORA-2023-ad944c2d34		lists.fedoraproject.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

160856 Oracle Enterprise Linux Security Update for libcap (ELSA-2023-4524)
182143 Debian Security Update for libcap2 (CVE-2023-2603)
199419 Ubuntu Security Notification for libcap2 Vulnerabilities (USN-6166-1)
199514 Ubuntu Security Notification for libcap2 Vulnerability (USN-6166-2)
241931 Red Hat Update for libcap (RHSA-2023:4524)
242600 Red Hat Update for libcap (RHSA-2023:7400)
242749 Red Hat Update for libcap (RHSA-2024:0436)
284778 Fedora Security Update for libcap (FEDORA-2023-5911638116)
285129 Fedora Security Update for libcap (FEDORA-2023-ad944c2d34)
503009 Alpine Linux Security Update for libcap
503010 Alpine Linux Security Update for libcap
503012 Alpine Linux Security Update for libcap
6140232 AWS Bottlerocket Security Update for libcap (GHSA-mwc6-pg78-5c92)
673268 EulerOS Security Update for libcap (EulerOS-SA-2023-2615)
673296 EulerOS Security Update for libcap (EulerOS-SA-2023-2585)
673500 EulerOS Security Update for libcap (EulerOS-SA-2023-2788)
673559 EulerOS Security Update for libcap (EulerOS-SA-2024-1276)
674028 EulerOS Security Update for libcap (EulerOS-SA-2023-2812)
754153 SUSE Enterprise Linux Security Update for libcap (SUSE-SU-2023:2764-1)
754212 SUSE Enterprise Linux Security Update for libcap (SUSE-SU-2023:2956-1)
907032 Common Base Linux Mariner (CBL-Mariner) Security Update for libcap (27065-1)
907067 Common Base Linux Mariner (CBL-Mariner) Security Update for libcap (27034-1)
941220 AlmaLinux Security Update for libcap (ALSA-2023:4524)
941246 AlmaLinux Security Update for libcap (ALSA-2023:5071)