Описание
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 2:3.3.12-1ubuntu2.1 |
| bionic | released | 2:3.3.12-3ubuntu1.1 |
| devel | released | 2:3.3.15-2ubuntu1 |
| esm-infra-legacy/trusty | released | 1:3.3.9-1ubuntu2.3 |
| esm-infra/bionic | released | 2:3.3.12-3ubuntu1.1 |
| esm-infra/xenial | released | 2:3.3.10-4ubuntu2.4 |
| precise/esm | not-affected | 1:3.2.8-11ubuntu6.5 |
| trusty | released | 1:3.3.9-1ubuntu2.3 |
| trusty/esm | released | 1:3.3.9-1ubuntu2.3 |
| upstream | released | 3.3.15 |
Показывать по
EPSS
7.5 High
CVSS2
4.8 Medium
CVSS3
Связанные уязвимости
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
procps-ng before version 3.3.15 is vulnerable to an incorrect integer ...
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
Уязвимость функции file2strvec набора утилит командной строки procps-ng, позволяющая нарушителю повысить привилегии и выполнить произвольный код
EPSS
7.5 High
CVSS2
4.8 Medium
CVSS3