Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:0450-2

Опубликовано: 27 апр. 2019
Источник: suse-cvrf

Описание

Security update for procps

This update for procps fixes the following security issues:

  • CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100).
  • CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100).
  • CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100).
  • CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100).
  • CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100).

(These issues were previously released for SUSE Linux Enterprise 12 SP3 and SP4.)

Also the following non-security issue was fixed:

  • Fix CPU summary showing old data. (bsc#1121753)

Список пакетов

Container caasp/v4/nginx-ingress-controller:beta1
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Container suse/sles12sp3:latest
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Container suse/sles12sp4:latest
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Container suse/sles12sp5:latest
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-Azure-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-EC2-HVM-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-GCE-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-OCI-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-SAP-Azure
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-SAP-Azure-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-SAP-EC2-HVM
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-SAP-GCE
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-SAP-GCE-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP4-SAP-OCI-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-Azure-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-Azure-Basic-On-Demand
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-Azure-HPC-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-Azure-HPC-On-Demand
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-Azure-SAP-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-Azure-SAP-On-Demand
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-Azure-Standard-On-Demand
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-EC2-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-EC2-ECS-On-Demand
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-EC2-On-Demand
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-EC2-SAP-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-EC2-SAP-On-Demand
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-GCE-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-GCE-On-Demand
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-GCE-SAP-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-GCE-SAP-On-Demand
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-OCI-BYOS-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
libprocps3-3.3.9-11.18.1
procps-3.3.9-11.18.1

Ссылки

Описание

procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.

Затронутые продукты
Container caasp/v4/nginx-ingress-controller:beta1:libprocps3-3.3.9-11.18.1
Container caasp/v4/nginx-ingress-controller:beta1:procps-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest:libprocps3-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest:procps-3.3.9-11.18.1
Ссылки

Описание

procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).

Затронутые продукты
Container caasp/v4/nginx-ingress-controller:beta1:libprocps3-3.3.9-11.18.1
Container caasp/v4/nginx-ingress-controller:beta1:procps-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest:libprocps3-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest:procps-3.3.9-11.18.1
Ссылки

Описание

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

Затронутые продукты
Container caasp/v4/nginx-ingress-controller:beta1:libprocps3-3.3.9-11.18.1
Container caasp/v4/nginx-ingress-controller:beta1:procps-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest:libprocps3-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest:procps-3.3.9-11.18.1
Ссылки

Описание

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash.

Затронутые продукты
Container caasp/v4/nginx-ingress-controller:beta1:libprocps3-3.3.9-11.18.1
Container caasp/v4/nginx-ingress-controller:beta1:procps-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest:libprocps3-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest:procps-3.3.9-11.18.1
Ссылки

Описание

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

Затронутые продукты
Container caasp/v4/nginx-ingress-controller:beta1:libprocps3-3.3.9-11.18.1
Container caasp/v4/nginx-ingress-controller:beta1:procps-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest:libprocps3-3.3.9-11.18.1
Container suse/ltss/sle12.5/sles12sp5:latest:procps-3.3.9-11.18.1
Ссылки
Уязвимость SUSE-SU-2019:0450-2