The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop.
Security Fix(es):
procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124)
procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Qualys Research Labs for reporting these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | i686 | procps | < 3.2.8-30.el6_6.1 | procps-3.2.8-30.el6_6.1.i686.rpm |
RedHat | 6 | i686 | procps-debuginfo | < 3.2.8-30.el6_6.1 | procps-debuginfo-3.2.8-30.el6_6.1.i686.rpm |
RedHat | 6 | i686 | procps-devel | < 3.2.8-30.el6_6.1 | procps-devel-3.2.8-30.el6_6.1.i686.rpm |
RedHat | 6 | x86_64 | procps-devel | < 3.2.8-30.el6_6.1 | procps-devel-3.2.8-30.el6_6.1.x86_64.rpm |
RedHat | 6 | x86_64 | procps-debuginfo | < 3.2.8-30.el6_6.1 | procps-debuginfo-3.2.8-30.el6_6.1.x86_64.rpm |
RedHat | 6 | x86_64 | procps | < 3.2.8-30.el6_6.1 | procps-3.2.8-30.el6_6.1.x86_64.rpm |