---

CVE-2018-1126 - log back

CVE-2018-1126 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Local
Type	+ Arbitrary code execution
Description	+ A security issue has been found in procps-ng <= 3.3.14, in the xcalloc() and xrealloc() functions, where the use of an unsigned int instead of a size_t could lead to integer overflow on 64-bit platforms.
References	+ https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
Notes	+ Related patch in Qualys' tarball: 0035-proc-alloc.-Use-size_t-not-unsigned-int.patch