
CVE-2018-1124
Date: (C)2018-05-24   (M)2023-12-22


procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to heap corruption in the file2strvec function. This allows privilege escalation by a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

CVSS Score and Metrics

CVSS V3 Severity:
CVSS Score: 7.8
Exploit Score: 1.8
Impact Score: 5.9

CVSS V3 Metrics:
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH

CVSS V2 Severity:
CVSS Score: 4.6
Exploit Score: 3.9
Impact Score: 6.4

CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL

Reference:
SECTRACK-1041057
BID-104214
EXPLOIT-DB-44806
DSA-4208
GLSA-201805-14
RHSA-2018:1700
RHSA-2018:1777
RHSA-2018:1820
RHSA-2018:2267
RHSA-2018:2268
RHSA-2019:1944
RHSA-2019:2401
USN-3658-1
USN-3658-2
https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html
http://seclists.org/oss-sec/2018/q2/122
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1124
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
https://kc.mcafee.com/corporate/index?page=content&id=SB10241
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
openSUSE-SU-2019:2376
openSUSE-SU-2019:2379

CPE    13
cpe:/o:debian:debian_linux:9.0
cpe:/o:debian:debian_linux:7.0
cpe:/o:debian:debian_linux:8.0
cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~
...
CWE    1
CWE-787
OVAL    19
oval:org.secpod.oval:def:89043743
oval:org.secpod.oval:def:89043720
oval:org.secpod.oval:def:89043519
oval:org.secpod.oval:def:89043545
...

© SecPod Technologies