Problem Description:
libcasper(3) communicates with helper processes via UNIX domain
sockets, and uses the select(2) system call to wait for data to
become available. However, it does not verify that its socket
descriptor fits within select(2)'s descriptor set size limit of
FD_SETSIZE (1024).
Impact:
An attacker able to cause an application using libcasper(3) to
allocate large file descriptors, e.g., by opening many descriptors
and executing a program which is not careful to close them upon
startup, may trigger stack corruption. If the target application
runs with setuid root privileges, this could be used to escalate
local privileges.