Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-adjd-c317-1uf6
Vulnerability ID VCID-adjd-c317-1uf6
Aliases CVE-2011-1022
Summary The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypass intended resource restrictions via a crafted message.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1022
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1022
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1022
epss 0.00042 https://api.first.org/data/v1/epss?cve=CVE-2011-1022
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1022.json
https://api.first.org/data/v1/epss?cve=CVE-2011-1022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1022
615987 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615987
680409 https://bugzilla.redhat.com/show_bug.cgi?id=680409
RHSA-2011:0320 https://access.redhat.com/errata/RHSA-2011:0320
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.13257
EPSS Score 0.00042
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T20:24:31.756633+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0