Описание
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.
If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | procps | Will not fix | ||
| Red Hat Enterprise Linux 6 | procps | Will not fix | ||
| Red Hat Enterprise Linux 8 | procps-ng | Not affected | ||
| Red Hat Ansible Tower 3.4 for RHEL 7 | ansible-tower-34/ansible-tower-memcached | Fixed | RHBA-2020:0547 | 18.02.2020 |
| Red Hat Ansible Tower 3.4 for RHEL 7 | ansible-tower-35/ansible-tower-memcached | Fixed | RHBA-2020:0547 | 18.02.2020 |
| Red Hat Ansible Tower 3.4 for RHEL 7 | ansible-tower-37/ansible-tower-memcached-rhel7 | Fixed | RHBA-2020:0547 | 18.02.2020 |
| Red Hat Enterprise Linux 7 | procps-ng | Fixed | RHSA-2019:2189 | 06.08.2019 |
| Red Hat Enterprise Linux 7.4 Advanced Update Support | procps-ng | Fixed | RHSA-2020:0595 | 25.02.2020 |
| Red Hat Enterprise Linux 7.4 Telco Extended Update Support | procps-ng | Fixed | RHSA-2020:0595 | 25.02.2020 |
| Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions | procps-ng | Fixed | RHSA-2020:0595 | 25.02.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.7 Medium
CVSS3
Связанные уязвимости
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.
procps-ng before version 3.3.15 is vulnerable to a local privilege esc ...
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.
ELSA-2019-2189: procps-ng security and bug fix update (MODERATE)
EPSS
6.7 Medium
CVSS3