procps-ng

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Utilities for monitoring your system and its processes
Version 4.0.4-3 [core]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-705 3.3.14-1 3.3.15-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2018-1126 AVG-705 Medium No Arbitrary code execution
A security issue has been found in procps-ng <= 3.3.14, in the xcalloc() and xrealloc() functions, where the use of an unsigned int instead of a size_t...
CVE-2018-1125 AVG-705 Medium No Arbitrary code execution
A potential stack-based buffer overflow has been found in the pgrep utility of procps-ng <= 3.3.14. If the strlen() of one of the cmdline arguments is...
CVE-2018-1124 AVG-705 Medium No Privilege escalation
A security issue has been found in procps-ng <= 3.3.14. An attacker can exploit an integer overflow in libprocps's file2strvec() function and carry out an...
CVE-2018-1123 AVG-705 Low No Denial of service
A security issue has been found in procps-ng <= 3.3.14 where an attacker can overflow the output buffer of ps, when executed by another user, administrator,...
CVE-2018-1122 AVG-705 Low No Privilege escalation
The top utility from procps-ng <= 3.3.14 reads its configuration file from the current working directory, without any security check, if the HOME...