Published: 23/05/2018 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).

Vulnerable Product	Search on Vulmon	Subscribe to Product
procps-ng project procps-ng
canonical ubuntu linux 16.04
canonical ubuntu linux 14.04
canonical ubuntu linux 12.04
canonical ubuntu linux 17.10
canonical ubuntu linux 18.04
debian debian linux 8.0
debian debian linux 7.0
debian debian linux 9.0

Debian Bug report logs - #899170 procps: CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 Package: src:procps; Maintainer for src:procps is Craig Small <csmall@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 20 May 2018 09:30:01 UTC Severity: important Tags: security ...

The Qualys Research Labs discovered multiple vulnerabilities in procps, a set of command line and full screen utilities for browsing procfs The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-1122 top read its configuration from the current working directory if no $HOME was configured If top were ...

Several security issues were fixed in procps-ng ...

Due to incorrect accounting when decoding and escaping Unicode data in procfs, ps is vulnerable to overflowing an mmap()ed region when formatting the process list for display Since ps maps a guard page at the end of the buffer, impact is limited to a crash ...

A security issue has been found in procps-ng <= 3314 where an attacker can overflow the output buffer of ps, when executed by another user, administrator, or script: a denial of service only (not an LPE), because ps mmap()s its output buffer and mprotect()s its last page with PROT_NONE (an effective guard page) ...

Qualys Security Advisory Procps-ng Audit Report ======================================================================== Contents ======================================================================== Summary 1 FUSE-backed /proc/PID/cmdline 2 Unprivileged process hiding 3 Local Privilege Escalation in top (Low Impact) 4 Denial of Service ...

Qualys performed an extensive audit of procps-ng They discovered hundreds of bugs and vulnerabilities ...

CWE-122 https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1123 http://seclists.org/oss-sec/2018/q2/122 https://www.debian.org/security/2018/dsa-4208 https://usn.ubuntu.com/3658-1/http://www.securityfocus.com/bid/104214 https://www.exploit-db.com/exploits/44806/https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html https://usn.ubuntu.com/3658-3/https://security.gentoo.org/glsa/201805-14 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899170 https://nvd.nist.gov https://usn.ubuntu.com/3658-1/https://www.exploit-db.com/exploits/44806/https://www.debian.org/security/./dsa-4208

CVE-2018-1123

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect