MidnightBSD

Advisories for procps-ng_project

CVE-2018-1122 MEDIUM

procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-829,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
debian debian_linux 7.0
debian debian_linux 8.0
canonical ubuntu_linux 14.04
debian debian_linux 9.0
canonical ubuntu_linux 17.10
canonical ubuntu_linux 12.04
procps-ng_project procps-ng *
CVE-2018-1123 MEDIUM

procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-122,CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
debian debian_linux 7.0
debian debian_linux 8.0
canonical ubuntu_linux 14.04
debian debian_linux 9.0
canonical ubuntu_linux 17.10
canonical ubuntu_linux 12.04
procps-ng_project procps-ng *
CVE-2018-1124 MEDIUM

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-122,CWE-190,CWE-190,CWE-787,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
redhat enterprise_linux_server 6.0
debian debian_linux 7.0
canonical ubuntu_linux 14.04
redhat enterprise_linux 7.0
canonical ubuntu_linux 17.10
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 18.04
debian debian_linux 8.0
redhat enterprise_linux 7.5
opensuse leap 15.0
debian debian_linux 9.0
redhat enterprise_linux_workstation 7.0
schneider-electric struxureware_data_center_expert *
redhat enterprise_linux_workstation 6.0
procps-ng_project procps-ng *
opensuse leap 15.1
redhat enterprise_linux 6.0
CVE-2018-1125 MEDIUM

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-121,CWE-787,CWE-121,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
debian debian_linux 7.0
debian debian_linux 8.0
canonical ubuntu_linux 14.04
debian debian_linux 9.0
canonical ubuntu_linux 17.10
canonical ubuntu_linux 12.04
procps-ng_project procps-ng *
opensuse leap 15.1
CVE-2018-1126 HIGH

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,CWE-190,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 7.5
canonical ubuntu_linux 16.04
debian debian_linux 7.0
canonical ubuntu_linux 14.04
redhat enterprise_linux 7.0
canonical ubuntu_linux 17.10
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 18.04
debian debian_linux 8.0
redhat enterprise_linux_server_tus 6.6
debian debian_linux 9.0
redhat enterprise_linux_workstation 7.0
schneider-electric struxureware_data_center_expert *
procps-ng_project procps-ng *
redhat enterprise_linux_server_aus 6.6