A potential stack-based buffer overflow has been found in the pgrep utility of procps-ng <= 3.3.14. If the strlen() of one of the cmdline arguments is greater than INT_MAX (it is possible), then the "int bytes" could wrap around completely, back to a very large positive int, and the next strncat() would be called with a huge number of destination bytes (a stack-based buffer overflow). Fortunately, every distribution that we checked compiles its procps utilities with FORTIFY, and the fortified strncat() detects and aborts the buffer overflow before it occurs.
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
Related patch in Qualys' tarball: 0008-pgrep-Prevent-a-potential-stack-based-buffer-overflo.patch
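An added illustration (constructed for this page, not the procps-ng source or Qualys' patch) of the counter wrap described above, placed next to a bounds-checked way of building the same string; the function names and buffer sizes are assumptions.

```c
#include <limits.h>
#include <stddef.h>
#include <string.h>

/* Constructed model of the accounting bug described in the advisory (not the
 * procps-ng source). "remaining" is an int of free bytes in a stack buffer and
 * is reduced by the size_t strlen() of each argument. The subtraction happens
 * in size_t and the result is converted back to int, so an argument longer
 * than INT_MAX can wrap the counter past negative and back to a large positive
 * value, which a following strncat() would then trust as free space.
 * Assumes 32-bit int, 64-bit size_t and gcc's modulo rule for the conversion. */
int remaining_after_wrap(int remaining, size_t arglen)
{
    return (int)((size_t)remaining - arglen);
}

/* Hardened form: keep all accounting in size_t, test the room before every
 * copy, and never hand a derived "bytes left" count to strncat(). Writes
 * "arg0 arg1 ..." into out (cap bytes, always NUL-terminated) and returns how
 * many arguments were appended in full; oversized input truncates, never
 * overflows. */
int build_cmdline(char *out, size_t cap, int argc, char **argv)
{
    size_t used = 0;
    int appended = 0;

    if (cap == 0)
        return 0;
    out[0] = '\0';
    for (int i = 0; i < argc; i++) {
        size_t sep = (i > 0) ? 1 : 0;        /* space between arguments */
        size_t len = strlen(argv[i]);
        size_t room = cap - used - 1;        /* keep one byte for the NUL */

        /* Both comparisons stay in size_t: len is checked first so the
         * subtraction in the second test cannot underflow. */
        if (len > room || sep > room - len)
            break;
        if (sep)
            out[used++] = ' ';
        memcpy(out + used, argv[i], len);
        used += len;
        out[used] = '\0';
        appended++;
    }
    return appended;
}
```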