CVE-2018-1126 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Arbitrary code execution
Description	A security issue has been found in procps-ng <= 3.3.14, in the xcalloc() and xrealloc() functions, where the use of an unsigned int instead of a size_t could lead to integer overflow on 64-bit platforms.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-705	procps-ng	3.3.14-1	3.3.15-1	Medium	Fixed

References
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt

Notes
Related patch in Qualys' tarball: 0035-proc-alloc.-Use-size_t-not-unsigned-int.patch