CVE-2023-4016

Опубликовано: 02 авг. 2023

Источник: debian

EPSS Низкий

Описание

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
procps	fixed	2:4.0.4-1		package
procps	no-dsa		bookworm	package
procps	no-dsa		bullseye	package
procps	postponed		buster	package

Примечания

https://gitlab.com/procps-ng/procps/-/issues/297
https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413

EPSS

Процентиль: 1%

0.0001

Низкий

Связанные уязвимости

CVE-2023-4016

CVSS3: 2.5

ubuntu

почти 2 года назад

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

CVE-2023-4016

CVSS3: 3.3

redhat

почти 2 года назад

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

CVE-2023-4016

CVSS3: 2.5

nvd

почти 2 года назад

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

SUSE-SU-2025:0741-1

suse-cvrf

4 месяца назад

Security update for procps

SUSE-SU-2025:0725-1

suse-cvrf

4 месяца назад

Security update for procps

EPSS

Процентиль: 1%

0.0001

Низкий