CVE-2023-4016

Опубликовано: 02 авг. 2023

Источник: nvd

CVSS3: 2.5

CVSS3: 3.3

EPSS Низкий

Описание

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

Ссылки

https://gitlab.com/procps-ng/procps
Product
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/
Mitigation
Third Party Advisory
https://gitlab.com/procps-ng/procps
Product
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/
Mitigation
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:procps_project:procps:*:*:*:*:*:*:*:*

Версия от 3.3.0 (включая) до 4.0.3 (включая)

Конфигурация 2

cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.0001

Низкий

2.5 Low

CVSS3

3.3 Low

CVSS3

Дефекты

CWE-122

CWE-787

Связанные уязвимости

CVE-2023-4016

CVSS3: 2.5

ubuntu

почти 2 года назад

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

CVE-2023-4016

CVSS3: 3.3

redhat

почти 2 года назад

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

CVE-2023-4016

CVSS3: 2.5

debian

почти 2 года назад

Under some circumstances, this weakness allows a user who has access t ...

SUSE-SU-2025:0741-1

suse-cvrf

4 месяца назад

Security update for procps

SUSE-SU-2025:0725-1

suse-cvrf

4 месяца назад

Security update for procps

EPSS

Процентиль: 1%

0.0001

Низкий

2.5 Low

CVSS3

3.3 Low

CVSS3

Дефекты

CWE-122

CWE-787