libcap
cpe:2.3:a:libcap_project:libcap:*:*:*:*:*:*:*
A local privilege escalation vulnerability has been identified in pam_cap.so, the PAM module of libcap, affecting all Linux distributions. The issue arises because the module incorrectly parses group names in the /etc/security/capability.conf file: names that do not start with '@' are misinterpreted as valid group names, so unintended users may inherit capabilities and escalate privileges. The vulnerability can be exploited by crafting specific usernames to manipulate the inherited capability set.
Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing users to gain elevated rights on the system.
This vulnerability has been fixed in Anolis OS versions 8, 23, and 23.2. Users can refer to the Anolis OS errata ANSA-2025:0096 for details on the update.