ELSA-2023-7187

Опубликовано: 17 нояб. 2023

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2023-7187: procps-ng security update (LOW)

[3.3.15-14.0.1]

ps: remove uptime integer conversion [Orabug: 35909165]
ps: improved three elapsed 'jiffies/tics' calculations [Orabug: 35909165]
Set TZ to avoid repeated stat('/etc/localtime') [Orabug: 32769816]

[3.3.15-14]

CVE-2023-4016: ps: possible buffer overflow
Resolves: rhbz#2228503

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

procps-ng

3.3.15-14.0.1.el8

procps-ng-devel

3.3.15-14.0.1.el8

procps-ng-i18n

3.3.15-14.0.1.el8

Oracle Linux x86_64

procps-ng

3.3.15-14.0.1.el8

procps-ng-devel

3.3.15-14.0.1.el8

procps-ng-i18n

3.3.15-14.0.1.el8

Связанные CVE

CVE-2023-4016

Ссылки на источники

Связанные уязвимости

CVE-2023-4016

CVSS3: 2.5

ubuntu

почти 2 года назад

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

CVE-2023-4016

CVSS3: 3.3

redhat

почти 2 года назад

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

CVE-2023-4016

CVSS3: 2.5

nvd

почти 2 года назад

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

CVE-2023-4016

CVSS3: 2.5

debian

почти 2 года назад

Under some circumstances, this weakness allows a user who has access t ...

SUSE-SU-2025:0741-1

suse-cvrf

4 месяца назад

Security update for procps