EUVD-2018-11769

Malware in sbrugna...

[SECURITY] Fedora 38 Update: procps-ng-3.3.17-11.fc38

The procps package contains a set of system utilities that provide system information. Procps includes ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, pidof, pmap, slabtop, w, watch, pwdx and pidwait. The ps command displays a snapshot of running processes. The top command...

openSUSE Security Update : procps (openSUSE-2019-2376)

This update for procps fixes the following issues : procps was updated to 3.3.15. bsc1092100 Following security issues were fixed : - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved...

EulerOS Virtualization 2.5.0 : procps-ng (EulerOS-SA-2018-1340)

According to the versions of the procps-ng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory...

EulerOS Virtualization 2.5.1 : procps-ng (EulerOS-SA-2018-1326)

According to the versions of the procps-ng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory...

OracleVM 3.3 / 3.4 : procps (OVMSA-2018-0226)

The remote OracleVM system is missing necessary patches to address critical security updates : - vmstat: fix invalid CPU utilization stats after vCPU hot-plug/unplug Konrad Rzeszutek Wilk bug 18011019 - drop leftover assignment in fix for CVE-2018-1124 causing a severe regression - Resolves:...

procps-ng pgrep buffer overflow vulnerability

procps-ng is a utility used on Linux platforms to provide information about processes on the proc file system. pgrep is one of the command line tools used to find process IDs. A stack buffer overflow vulnerability exists in pgrep in versions of procps-ng prior to 3.3.15. A detailed vulnerability...

USN-3658-1 procps vulnerabilities

It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges. CVE-2018-1122 It was discovered that the procps-ng ps tool incorrectly handled memory. A local user...

Stack overflow

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

CVE-2018-1125

CVE-2018-1125 affects procps-ng up to version 3.3.15, with a stack-based buffer overflow in pgrep caused by a strncat() to a stack-allocated string. The impact is mitigated by Fortify builds (e.g., on RHEL/Fedora) and, in those cases, can be limited to a crash. Connected sources confirm the vulne...

CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

UBUNTU-CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

PT-2018-1901

Name of the Vulnerable Software and Affected Versions procps-ng versions prior to 3.3.15 Description The issue is related to a stack buffer overflow error in the pgrep function of the procps-ng set of console applications for monitoring and terminating system processes. This error can be exploite...