Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-1123 | 5.0 |
procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporar
|
29-06-2021 - 15:15 | 23-05-2018 - 14:29 | |
CVE-2018-1125 | 5.0 |
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux a
|
09-09-2020 - 14:59 | 23-05-2018 - 14:29 | |
CVE-2018-1124 | 4.6 |
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which co
|
09-09-2020 - 14:58 | 23-05-2018 - 13:29 | |
CVE-2018-1121 | 4.3 |
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list
|
30-06-2020 - 16:15 | 13-06-2018 - 20:29 | |
CVE-2018-1120 | 3.5 |
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w
|
09-10-2019 - 23:38 | 20-06-2018 - 13:29 | |
CVE-2018-1122 | 4.4 |
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities
|
03-10-2019 - 00:03 | 23-05-2018 - 14:29 | |
CVE-2018-1126 | 7.5 |
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
|
30-07-2019 - 13:15 | 23-05-2018 - 13:29 |