PT-2018-3528 · Procps Ng+3 · Procps-Ng+3

Publicado

2018-05-07

Atualizado

2024-06-15

CVE-2018-1123

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: procps-ng versions prior to 3.3.15

Description: The issue is related to a buffer overflow in the ps command, which can cause a denial of service. This is due to an out-of-bounds operation in memory. The impact is limited to a crash, resulting in a temporary denial of service, because of an inbuilt protection mechanism that maps a guard page at the end of the overflowed buffer.

Recommendations: For versions prior to 3.3.15, update to version 3.3.15 or later to resolve the issue. As a temporary workaround, consider restricting access to the ps command to minimize the risk of exploitation.

Exploit

Correção

DoS

Buffer Overflow

Heap Based Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-122

Identificadores relacionados

ALT-PU-2019-1749

BDU:2020-03292

CVE-2018-1123

DLA-1390-1

DSA-4208-1

OPENSUSE-SU-2018_1848-1

OPENSUSE-SU-2019:2376-1

OPENSUSE-SU-2019:2379-1

OPENSUSE-SU-2019_0291-1

OPENSUSE-SU-2019_2376-1

OPENSUSE-SU-2019_2379-1

OPENSUSE-SU-2024:11195-1

OPENSUSE-SU-2024:12565-1

SUSE-SU-2018:1836-1

SUSE-SU-2018:2042-1

SUSE-SU-2018:2451-2

SUSE-SU-2019:0450-1

SUSE-SU-2019:0450-2

SUSE-SU-2019:2730-1

USN-3658-1

USN-3658-3

Produtos afetados

Alt Linux

Suse

Ubuntu

Procps-Ng

PT-2018-3528 · Procps Ng+3 · Procps-Ng+3

CVE-2018-1123

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 77