CESA-2018:1777 -- centos 6 procpsID: oval:org.secpod.oval:def:204833 | Date: (C)2018-06-19 (M)2023-07-28 |
Class: PATCH | Family: unix |
The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop. Security Fix: * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank Qualys Research Labs for reporting these issues.