PT-2018-3527 · Procps Ng+5 · Procps-Ng+5

Published

2018-05-07

·

Updated

2024-06-15

·

CVE-2018-1122

CVSS v3.1

7.3

High

VectorAV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: procps-ng versions prior to 3.3.15
Description: The issue is related to a local privilege escalation in the top utility of the procps-ng package. It occurs when a user runs top with the HOME environment variable unset in an attacker-controlled directory. The vulnerability is exploited through the config file() function, allowing an attacker to achieve privilege escalation. The vulnerability is related to the inclusion of functions from an untrusted controlled area.
Recommendations: For versions prior to 3.3.15, update to version 3.3.15 or later to resolve the issue. As a temporary workaround, consider setting the HOME environment variable before running the top utility to minimize the risk of exploitation. Restrict access to the config file() function until a patch is available.

Exploit

Fix

LPE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-829

Related Identifiers

ALT-PU-2019-1749
BDU:2020-03291
CESA-2019_2189
CVE-2018-1122
DLA-1390-1
DSA-4208-1
OPENSUSE-SU-2018_1848-1
OPENSUSE-SU-2019:2376-1
OPENSUSE-SU-2019:2379-1
OPENSUSE-SU-2019_0291-1
OPENSUSE-SU-2019_2376-1
OPENSUSE-SU-2019_2379-1
OPENSUSE-SU-2024:11195-1
OPENSUSE-SU-2024:12565-1
RHSA-2019:2189
RHSA-2019_2189
RHSA-2020:0595
RHSA-2020:1265
RHSA-2020:1464
SUSE-SU-2018:1836-1
SUSE-SU-2018:2042-1
SUSE-SU-2018:2451-2
SUSE-SU-2018_1836-1
SUSE-SU-2018_2042-1
SUSE-SU-2018_2451-2
SUSE-SU-2019:0450-1
SUSE-SU-2019:0450-2
SUSE-SU-2019:2730-1
SUSE-SU-2019_0450-1
SUSE-SU-2019_0450-2
SUSE-SU-2019_2730-1
USN-3658-1
USN-3658-3

Affected Products

Alt Linux
Centos
Red Hat
Suse
Ubuntu
Procps-Ng