4 matches found
K00409335: procps-ng vulnerability CVE-2018-1122
Security Advisory Description procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the configfil...
procps: Local privilege escalation in top
If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of...
procps-ng elevation of privilege vulnerability
procps-ng is a utility used on Linux platforms to provide information about proc filesystem processes. An elevation of privilege vulnerability exists in the 'configfile' function of top in versions of procps-ng prior to 3.3.15. A local attacker can exploit this vulnerability to elevate privileges...
CVE-2018-1122
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the configfile function...