CVE-2018-1126

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
A security issue has been found in procps-ng <= 3.3.14, in the xcalloc() and xrealloc() functions, where the use of an unsigned int instead of a size_t could lead to integer overflow on 64-bit platforms.
Group Package Affected Fixed Severity Status Ticket
AVG-705 procps-ng 3.3.14-1 Medium Vulnerable
References
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
Notes
Related patch in Qualys' tarball: 0035-proc-alloc.-Use-size_t-not-unsigned-int.patch