CVE-2025-1390

Publication date 20 February 2025

Last updated 30 May 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

6.1 · Medium

Score breakdown

The PAM module pam_cap.so of libcap configuration supports group names starting with “@”, during actual parsing, configurations not starting with “@” are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potentially leading to security risks. Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames.

Status

Package Ubuntu Release Status
libcap2 25.04 plucky
Not affected
24.10 oracular
Fixed 1:2.66-5ubuntu3.1
24.04 LTS noble
Fixed 1:2.66-5ubuntu2.2
22.04 LTS jammy
Fixed 1:2.44-1ubuntu0.22.04.2
20.04 LTS focal
Fixed 1:2.32-1ubuntu0.2
18.04 LTS bionic
Needs evaluation
16.04 LTS xenial
Needs evaluation
14.04 LTS trusty
Needs evaluation

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
libcap2

Severity score breakdown

Parameter Value
Base score 6.1 · Medium
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality Low
Integrity impact High
Availability impact None
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

References

Related Ubuntu Security Notices (USN)

    • USN-7287-1
    • libcap2 vulnerability
    • 24 February 2025

Other references