CVE-2018-1124

Source
Severity Medium
Remote No
Type Privilege escalation
Description
A security issue has been found in procps-ng <= 3.3.14. An attacker can exploit an integer overflow in libprocps's file2strvec() function and carry out an LPE when another user, administrator, or script executes a vulnerable utility (pgrep, pidof, pkill, and w are vulnerable by default; other utilities are vulnerable if executed with non-default options). Moreover, an attacker's process running inside a container can trigger this vulnerability in a utility running outside the container: the attacker can exploit this userland vulnerability and break out of the container or chroot.
Group Package Affected Fixed Severity Status Ticket
AVG-705 procps-ng 3.3.14-1 3.3.15-1 Medium Fixed
References
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
Notes
Related patch in Qualys' tarball: 0074-proc-readproc.c-Fix-bugs-and-overflows-in-file2strve.patch