Vulnerabilities > CVE-2018-1124 - Integer Overflow or Wraparound vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH local
low complexity
procps-ng-project
canonical
debian
redhat
schneider-electric
opensuse
CWE-190
nessus
exploit available
Summary
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Forced Integer Overflow This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Exploit-Db
description | Procps-ng - Multiple Vulnerabilities. CVE-2018-1120,CVE-2018-1121,CVE-2018-1122,CVE-2018-1123,CVE-2018-1124. Local exploit for Linux platform. Tags: Denial o... |
file | exploits/linux/local/44806.txt |
id | EDB-ID:44806 |
last seen | 2018-05-30 |
modified | 2018-05-30 |
platform | linux |
port | |
published | 2018-05-30 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/44806/ |
title | Procps-ng - Multiple Vulnerabilities |
type | local |
Nessus
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-1700.NASL description From Red Hat Security Advisory 2018:1700 : An update for procps-ng is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fix(es) : * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 110070 published 2018-05-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110070 title Oracle Linux 7 : procps-ng (ELSA-2018-1700) NASL family Scientific Linux Local Security Checks NASL id SL_20180523_PROCPS_NG_ON_SL7_X.NASL description Security Fix(es) : - procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) - procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) last seen 2020-03-18 modified 2018-05-24 plugin id 110088 published 2018-05-24 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110088 title Scientific Linux Security Update : procps-ng on SL7.x x86_64 (20180523) NASL family Fedora Local Security Checks NASL id FEDORA_2018-DE5DE06754.NASL description Fixes for : - CVE-2018-1124 - CVE-2018-1126 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-05-25 plugin id 110103 published 2018-05-25 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110103 title Fedora 27 : procps-ng (2018-de5de06754) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2730-1.NASL description This update for procps fixes the following issues : procps was updated to 3.3.15. (bsc#1092100) Following security issues were fixed : CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). CVE-2018-1125: Prevent stack-based buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). Also The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 130145 published 2019-10-22 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130145 title SUSE SLED15 / SLES15 Security Update : procps (SUSE-SU-2019:2730-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2379.NASL description This update for procps fixes the following issues : procps was updated to 3.3.15. (bsc#1092100) Following security issues were fixed : - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). - CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). - CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). - CVE-2018-1125: Prevent stack-based buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). - CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). Also this non-security issue was fixed : - Fix CPU summary showing old data. (bsc#1121753) The update to 3.3.15 contains the following fixes : - library: Increment to 8:0:1 No removals, no new functions Changes: slab and pid structures - library: Just check for SIGLOST and don last seen 2020-06-01 modified 2020-06-02 plugin id 130334 published 2019-10-28 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130334 title openSUSE Security Update : procps (openSUSE-2019-2379) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1340.NASL description According to the versions of the procps-ng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.(CVE-2018-1122) - Due to incorrect accounting when decoding and escaping Unicode data in procfs, ps is vulnerable to overflowing an mmap()ed region when formatting the process list for display. Since ps maps a guard page at the end of the buffer, impact is limited to a crash.(CVE-2018-1123) - If an argument longer than INT_MAX bytes is given to pgrep, last seen 2020-06-01 modified 2020-06-02 plugin id 118428 published 2018-10-26 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118428 title EulerOS Virtualization 2.5.0 : procps-ng (EulerOS-SA-2018-1340) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-2401.NASL description An update for procps-ng is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fix(es) : * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 127718 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127718 title RHEL 7 : procps-ng (RHSA-2019:2401) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3658-1.NASL description It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges. (CVE-2018-1122) It was discovered that the procps-ng ps tool incorrectly handled memory. A local user could possibly use this issue to cause a denial of service. (CVE-2018-1123) It was discovered that libprocps incorrectly handled the file2strvec() function. A local attacker could possibly use this to execute arbitrary code. (CVE-2018-1124) It was discovered that the procps-ng pgrep utility incorrectly handled memory. A local attacker could possibly use this issue to cause de denial of service. (CVE-2018-1125) It was discovered that procps-ng incorrectly handled memory. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2018-1126). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 110094 published 2018-05-24 reporter Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110094 title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : procps vulnerabilities (USN-3658-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-1777.NASL description From Red Hat Security Advisory 2018:1777 : An update for procps is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop. Security Fix(es) : * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 110276 published 2018-06-01 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110276 title Oracle Linux 6 : procps (ELSA-2018-1777) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-1944.NASL description An update for procps-ng is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fix(es) : * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 127631 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127631 title RHEL 7 : procps-ng (RHSA-2019:1944) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-291.NASL description This update for procps fixes the following security issues : - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). - CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). - CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). - CVE-2018-1125: Prevent stack-based buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). - CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). (These issues were previously released for SUSE Linux Enterprise 12 SP3 and SP4.) Also the following non-security issue was fixed : - Fix CPU summary showing old data. (bsc#1121753) This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 122607 published 2019-03-05 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122607 title openSUSE Security Update : procps (openSUSE-2019-291) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-1700.NASL description An update for procps-ng is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fix(es) : * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 110204 published 2018-05-30 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110204 title CentOS 7 : procps-ng (CESA-2018:1700) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-2268.NASL description An update for procps is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop. Security Fix(es) : * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 111366 published 2018-07-27 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111366 title RHEL 6 : procps (RHSA-2018:2268) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0155_PROCPS.NASL description The remote NewStart CGSL host, running version MAIN 4.05, has procps packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows leading to heap corruption flaws were discovered in file2strvec(). These vulnerabilities can lead to privilege escalation for a local attacker who can create entries in procfs by starting processes, which will lead to crashes or arbitrary code execution in proc utilities run by other users (eg pgrep, pkill, pidof, w). (CVE-2018-1124) - A flaw was found where procps-ng provides wrappers for standard C allocators that took `unsigned int` instead of `size_t` parameters. On platforms where these differ (such as x86_64), this could cause integer truncation, leading to undersized regions being returned to callers that could then be overflowed. The only known exploitable vector for this issue is CVE-2018-1124. (CVE-2018-1126) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127432 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127432 title NewStart CGSL MAIN 4.05 : procps Multiple Vulnerabilities (NS-SA-2019-0155) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-1777.NASL description An update for procps is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop. Security Fix(es) : * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 110279 published 2018-06-01 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110279 title RHEL 6 : procps (RHSA-2018:1777) NASL family Scientific Linux Local Security Checks NASL id SL_20180531_PROCPS_ON_SL6_X.NASL description Security Fix(es) : - procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) - procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) last seen 2020-03-18 modified 2018-06-01 plugin id 110282 published 2018-06-01 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110282 title Scientific Linux Security Update : procps on SL6.x i386/x86_64 (20180531) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-1700.NASL description An update for procps-ng is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Security Fix(es) : * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 110082 published 2018-05-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110082 title RHEL 7 : procps-ng (RHSA-2018:1700) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0019_PROCPS-NG.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has procps-ng packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows leading to heap corruption flaws were discovered in file2strvec(). These vulnerabilities can lead to privilege escalation for a local attacker who can create entries in procfs by starting processes, which will lead to crashes or arbitrary code execution in proc utilities run by other users (eg pgrep, pkill, pidof, w). (CVE-2018-1124) - A flaw was found where procps-ng provides wrappers for standard C allocators that took `unsigned int` instead of `size_t` parameters. On platforms where these differ (such as x86_64), this could cause integer truncation, leading to undersized regions being returned to callers that could then be overflowed. The only known exploitable vector for this issue is CVE-2018-1124. (CVE-2018-1126) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127175 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127175 title NewStart CGSL CORE 5.04 / MAIN 5.04 : procps-ng Multiple Vulnerabilities (NS-SA-2019-0019) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-685.NASL description This update for procps fixes the following security issues : - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). - CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). - CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). - CVE-2018-1125: Prevent stack-based buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). - CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2018-07-02 plugin id 110830 published 2018-07-02 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110830 title openSUSE Security Update : procps (openSUSE-2018-685) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2042-1.NASL description This update for procps fixes the following security issues : - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). - CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). - CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). - CVE-2018-1125: Prevent stack-based buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). - CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 111264 published 2018-07-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111264 title SUSE SLES11 Security Update : procps (SUSE-SU-2018:2042-1) NASL family Junos Local Security Checks NASL id JUNIPER_SPACE_JSA10917_184R1.NASL description According to its self-reported version number, the remote Junos Space version is 18.4.x prior to 18.4R1. It is, therefore, affected by multiple vulnerabilities : - An integer overflow issue exists in procps-ng. This is related to CVE-2018-1124. (CVE-2018-1126) - A directory traversal issue exits in reposync, a part of yum-utils.tory configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. (CVE-2018-10897) - An integer overflow flaw was found in the Linux kernel last seen 2020-06-01 modified 2020-06-02 plugin id 121068 published 2019-01-10 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121068 title Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-1777.NASL description An update for procps is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop. Security Fix(es) : * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 110296 published 2018-06-04 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110296 title CentOS 6 : procps (CESA-2018:1777) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201805-14.NASL description The remote host is affected by the vulnerability described in GLSA-201805-14 (procps: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in procps. Please review the CVE identifiers referenced below for details. Impact : A local attacker could execute arbitrary code, escalate privileges, or cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 110255 published 2018-05-31 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110255 title GLSA-201805-14 : procps: Multiple vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-0450-1.NASL description This update for procps fixes the following security issues : CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). CVE-2018-1125: Prevent stack-based buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). (These issues were previously released for SUSE Linux Enterprise 12 SP3 and SP4.) Also The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 122361 published 2019-02-21 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122361 title SUSE SLED12 / SLES12 Security Update : procps (SUSE-SU-2019:0450-1) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0175_PROCPS.NASL description An update of the procps package has been released. last seen 2020-06-01 modified 2020-06-02 plugin id 121877 published 2019-02-07 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121877 title Photon OS 1.0: Procps PHSA-2018-1.0-0175 NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0084.NASL description An update of 'procps-ng', 'openssl', 'perl' packages of Photon OS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 112035 published 2018-08-21 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=112035 title Photon OS 2.0: Openssl / Procps-ng / Perl PHSA-2018-2.0-0084 (deprecated) NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2018-1031.NASL description Multiple integer overflows leading to heap corruption flaws were discovered in file2strvec(). These vulnerabilities can lead to privilege escalation for a local attacker who can create entries in procfs by starting processes, which will lead to crashes or arbitrary code execution in proc utilities run by other users (eg pgrep, pkill, pidof, w).(CVE-2018-1124) A flaw was found where procps-ng provides wrappers for standard C allocators that took `unsigned int` instead of `size_t` parameters. On platforms where these differ (such as x86_64), this could cause integer truncation, leading to undersized regions being returned to callers that could then be overflowed. The only known exploitable vector for this issue is CVE-2018-1124 .(CVE-2018-1126) last seen 2020-06-01 modified 2020-06-02 plugin id 110448 published 2018-06-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110448 title Amazon Linux 2 : procps-ng (ALAS-2018-1031) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0135_PROCPS.NASL description The remote NewStart CGSL host, running version MAIN 4.05, has procps packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows leading to heap corruption flaws were discovered in file2strvec(). These vulnerabilities can lead to privilege escalation for a local attacker who can create entries in procfs by starting processes, which will lead to crashes or arbitrary code execution in proc utilities run by other users (eg pgrep, pkill, pidof, w). (CVE-2018-1124) - A flaw was found where procps-ng provides wrappers for standard C allocators that took `unsigned int` instead of `size_t` parameters. On platforms where these differ (such as x86_64), this could cause integer truncation, leading to undersized regions being returned to callers that could then be overflowed. The only known exploitable vector for this issue is CVE-2018-1124. (CVE-2018-1126) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127394 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127394 title NewStart CGSL MAIN 4.05 : procps Multiple Vulnerabilities (NS-SA-2019-0135) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-1836-1.NASL description This update for procps fixes the following security issues : - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). - CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). - CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). - CVE-2018-1125: Prevent stack-based buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). - CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 110804 published 2018-06-29 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110804 title SUSE SLED12 / SLES12 Security Update : procps (SUSE-SU-2018:1836-1) NASL family Fedora Local Security Checks NASL id FEDORA_2018-BBA8FED5AB.NASL description Fixes for : - CVE-2018-1124 - CVE-2018-1126 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120743 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120743 title Fedora 28 : procps-ng (2018-bba8fed5ab) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2451-2.NASL description This update for procps fixes the following security issues : CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). CVE-2018-1125: Prevent stack-based buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 119211 published 2018-11-27 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119211 title SUSE SLED12 / SLES12 Security Update : procps (SUSE-SU-2018:2451-2) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1198.NASL description According to the versions of the procps-ng package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) - procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) - If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.(CVE-2018-1122) - Due to incorrect accounting when decoding and escaping Unicode data in procfs, ps is vulnerable to overflowing an mmap()ed region when formatting the process list for display. Since ps maps a guard page at the end of the buffer, impact is limited to a crash.(CVE-2018-1123) - If an argument longer than INT_MAX bytes is given to pgrep, last seen 2020-05-06 modified 2018-07-03 plugin id 110862 published 2018-07-03 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110862 title EulerOS 2.0 SP2 : procps-ng (EulerOS-SA-2018-1198) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4208.NASL description The Qualys Research Labs discovered multiple vulnerabilities in procps, a set of command line and full screen utilities for browsing procfs. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2018-1122 top read its configuration from the current working directory if no $HOME was configured. If top were started from a directory writable by the attacker (such as /tmp) this could result in local privilege escalation. - CVE-2018-1123 Denial of service against the ps invocation of another user. - CVE-2018-1124 An integer overflow in the file2strvec() function of libprocps could result in local privilege escalation. - CVE-2018-1125 A stack-based buffer overflow in pgrep could result in denial of service for a user using pgrep for inspecting a specially crafted process. - CVE-2018-1126 Incorrect integer size parameters used in wrappers for standard C allocators could cause integer truncation and lead to integer overflow issues. last seen 2020-06-01 modified 2020-06-02 plugin id 109969 published 2018-05-23 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109969 title Debian DSA-4208-1 : procps - security update NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1274.NASL description According to the versions of the procps-ng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - procps-ng, procps: Integer overflows leading to heap overflow in file2strvec.(CVE-2018-1124) - procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues.(CVE-2018-1126) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 117583 published 2018-09-18 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117583 title EulerOS Virtualization 2.5.1 : procps-ng (EulerOS-SA-2018-1274) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2376.NASL description This update for procps fixes the following issues : procps was updated to 3.3.15. (bsc#1092100) Following security issues were fixed : - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). - CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). - CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). - CVE-2018-1125: Prevent stack-based buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). - CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). Also this non-security issue was fixed : - Fix CPU summary showing old data. (bsc#1121753) The update to 3.3.15 contains the following fixes : - library: Increment to 8:0:1 No removals, no new functions Changes: slab and pid structures - library: Just check for SIGLOST and don last seen 2020-06-01 modified 2020-06-02 plugin id 130333 published 2019-10-28 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130333 title openSUSE Security Update : procps (openSUSE-2019-2376) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1390.NASL description The Qualys Research Labs discovered multiple vulnerabilities in procps, a set of command line and full screen utilities for browsing procfs. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2018-1122 top read its configuration from the current working directory if no $HOME was configured. If top were started from a directory writable by the attacker (such as /tmp) this could result in local privilege escalation. CVE-2018-1123 Denial of service against the ps invocation of another user. CVE-2018-1124 An integer overflow in the file2strvec() function of libprocps could result in local privilege escalation. CVE-2018-1125 A stack-based buffer overflow in pgrep could result in denial of service for a user using pgrep for inspecting a specially crafted process. CVE-2018-1126 Incorrect integer size parameters used in wrappers for standard C allocators could cause integer truncation and lead to integer overflow issues. For Debian 7 last seen 2020-03-17 modified 2018-06-05 plugin id 110312 published 2018-06-05 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110312 title Debian DLA-1390-1 : procps security update NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-1820.NASL description An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host last seen 2020-06-01 modified 2020-06-02 plugin id 110467 published 2018-06-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110467 title RHEL 7 : Virtualization (RHSA-2018:1820) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2018-0226.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - vmstat: fix invalid CPU utilization stats after vCPU hot-plug/unplug (Konrad Rzeszutek Wilk) [bug 18011019] - drop leftover assignment in fix for CVE-2018-1124 causing a severe regression - Resolves: (CVE-2018-1124) - fix integer overflows leading to heap overflow in file2strvec - Resolves: CVE-2018-1124 (CVE-2018-1126) - ps: STIME no longer 1970 if many cores in /proc/stat - Resolves: rhbz#1460176 - slabtop: additional work on usage computation to work on 32bit archs - Related: rhbz#1330008 - Removal of patch 92 - procps-3.2.8-pgrep-15-chars-warning.patch - Related: rhbz#877352 - Rework of patch 91 from 3.2.8-37, stripping removed permanently, no new option - Resolves: rhbz#1322111 - top: Termination with segfault if /proc becomes inaccessible during run - Resolves: rhbz#928724 - sysctl manpage: Added explanation of conf files precedence - Resolves: rhbz#1217077 - sysctl.conf manpage: new NOTES section with predefined vars hint - Resolves: rhbz#1318644 - slabtop: fixing incorrect usage percent computation - int overflow - Resolves: rhbz#1330008 - New warning if pattern exceeds 15 characters without -f option - Resolves: #877352 - Adding option to skip stripping of wchan name data - Resolves: #1322111 - #1201024 - [RFE] Increase sysctl -p line size limit - #1246573 - typo in ps man page - #1251101 - Fixing human readable patch (removing trailing spaces) - #1284076 - [RFE] Support for thread cgroups - #1288208 - use of /proc/self/auxv breaks ps when running as a different euid - #1288497 - pmap - no sums computed for RSS and Dirty column - Resolves: #1201024 #1246573 #1251101 #1284076 #1288208 #1288497 - #1262870 - Correctly skip vmflags (and other keys starting with A-Z) - Resolves: #1262870 - #1246379 - free: values truncated to the column width - Resolves: #1246379 - #1120580 - [RFE] Have sysctl -p read info from /etc/sysctl.d - Related: rhbz#1120580 - #1120580 - [RFE] Have sysctl -p read info from /etc/sysctl.d - Related: rhbz#1120580 - #993072 - Make the last seen 2020-06-01 modified 2020-06-02 plugin id 110306 published 2018-06-04 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110306 title OracleVM 3.3 / 3.4 : procps (OVMSA-2018-0226) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2018-142-03.NASL description New procps-ng packages are available for Slackware 14.2 and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 109950 published 2018-05-23 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109950 title Slackware 14.2 / current : procps-ng (SSA:2018-142-03) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-2267.NASL description An update for procps is now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop. Security Fix(es) : * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 111365 published 2018-07-27 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111365 title RHEL 6 : procps (RHSA-2018:2267) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1199.NASL description According to the versions of the procps-ng package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) - procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-07-03 plugin id 110863 published 2018-07-03 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110863 title EulerOS 2.0 SP3 : procps-ng (EulerOS-SA-2018-1199) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0084_PROCPS.NASL description An update of the procps package has been released. last seen 2020-06-01 modified 2020-06-02 plugin id 121983 published 2019-02-07 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121983 title Photon OS 2.0: Procps PHSA-2018-2.0-0084
Packetstorm
data source | https://packetstormsecurity.com/files/download/147806/qualys-procps-ng-audit-report.txt |
id | PACKETSTORM:147806 |
last seen | 2018-05-24 |
published | 2018-05-22 |
reporter | qualys.com |
source | https://packetstormsecurity.com/files/147806/Procps-ng-Audit-Report.html |
title | Procps-ng Audit Report |
Redhat
advisories |
| ||||||||||||||||||||||||||||
rpms |
|
References
- https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1124
- http://seclists.org/oss-sec/2018/q2/122
- https://www.debian.org/security/2018/dsa-4208
- https://usn.ubuntu.com/3658-1/
- https://access.redhat.com/errata/RHSA-2018:1700
- http://www.securityfocus.com/bid/104214
- https://www.exploit-db.com/exploits/44806/
- https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html
- https://access.redhat.com/errata/RHSA-2018:1777
- https://usn.ubuntu.com/3658-2/
- https://access.redhat.com/errata/RHSA-2018:1820
- https://kc.mcafee.com/corporate/index?page=content&id=SB10241
- http://www.securitytracker.com/id/1041057
- https://access.redhat.com/errata/RHSA-2018:2268
- https://access.redhat.com/errata/RHSA-2018:2267
- https://security.gentoo.org/glsa/201805-14
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://access.redhat.com/errata/RHSA-2019:1944
- https://access.redhat.com/errata/RHSA-2019:2401
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html