Vulnerability from csaf_opensuse
Published
2019-10-26 14:24
Modified
2019-10-26 14:24
Summary
Security update for procps
Notes
Title of the patch
Security update for procps
Description of the patch
This update for procps fixes the following issues:
procps was updated to 3.3.15. (bsc#1092100)
Following security issues were fixed:
- CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top
with HOME unset in an attacker-controlled directory, the attacker could have
achieved privilege escalation by exploiting one of several vulnerabilities in
the config_file() function (bsc#1092100).
- CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow.
Inbuilt protection in ps maped a guard page at the end of the overflowed
buffer, ensuring that the impact of this flaw is limited to a crash (temporary
denial of service) (bsc#1092100).
- CVE-2018-1124: Prevent multiple integer overflows leading to a heap
corruption in file2strvec function. This allowed a privilege escalation for a
local attacker who can create entries in procfs by starting processes, which
could result in crashes or arbitrary code execution in proc utilities run by
other users (bsc#1092100).
- CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was
mitigated by FORTIFY limiting the impact to a crash (bsc#1092100).
- CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent
truncation/integer overflow issues (bsc#1092100).
Also this non-security issue was fixed:
- Fix CPU summary showing old data. (bsc#1121753)
The update to 3.3.15 contains the following fixes:
* library: Increment to 8:0:1
No removals, no new functions
Changes: slab and pid structures
* library: Just check for SIGLOST and don't delete it
* library: Fix integer overflow and LPE in file2strvec CVE-2018-1124
* library: Use size_t for alloc functions CVE-2018-1126
* library: Increase comm size to 64
* pgrep: Fix stack-based buffer overflow CVE-2018-1125
* pgrep: Remove >15 warning as comm can be longer
* ps: Fix buffer overflow in output buffer, causing DOS CVE-2018-1123
* ps: Increase command name selection field to 64
* top: Don't use cwd for location of config CVE-2018-1122
* update translations
* library: build on non-glibc systems
* free: fix scaling on 32-bit systems
* Revert 'Support running with child namespaces'
* library: Increment to 7:0:1
No changes, no removals
New fuctions: numa_init, numa_max_node, numa_node_of_cpu, numa_uninit, xalloc_err_handler
* doc: Document I idle state in ps.1 and top.1
* free: fix some of the SI multiples
* kill: -l space between name parses correctly
* library: dont use vm_min_free on non Linux
* library: don't strip off wchan prefixes (ps & top)
* pgrep: warn about 15+ char name only if -f not used
* pgrep/pkill: only match in same namespace by default
* pidof: specify separator between pids
* pkill: Return 0 only if we can kill process
* pmap: fix duplicate output line under '-x' option
* ps: avoid eip/esp address truncations
* ps: recognizes SCHED_DEADLINE as valid CPU scheduler
* ps: display NUMA node under which a thread ran
* ps: Add seconds display for cputime and time
* ps: Add LUID field
* sysctl: Permit empty string for value
* sysctl: Don't segv when file not available
* sysctl: Read and write large buffers
* top: add config file support for XDG specification
* top: eliminated minor libnuma memory leak
* top: show fewer memory decimal places (configurable)
* top: provide command line switch for memory scaling
* top: provide command line switch for CPU States
* top: provides more accurate cpu usage at startup
* top: display NUMA node under which a thread ran
* top: fix argument parsing quirk resulting in SEGV
* top: delay interval accepts non-locale radix point
* top: address a wishlist man page NLS suggestion
* top: fix potential distortion in 'Mem' graph display
* top: provide proper multi-byte string handling
* top: startup defaults are fully customizable
* watch: define HOST_NAME_MAX where not defined
* vmstat: Fix alignment for disk partition format
* watch: Support ANSI 39,49 reset sequences
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2019-2376
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for procps",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for procps fixes the following issues:\n\nprocps was updated to 3.3.15. (bsc#1092100)\n\nFollowing security issues were fixed:\n\n- CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top\n with HOME unset in an attacker-controlled directory, the attacker could have\n achieved privilege escalation by exploiting one of several vulnerabilities in\n the config_file() function (bsc#1092100).\n- CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow.\n Inbuilt protection in ps maped a guard page at the end of the overflowed\n buffer, ensuring that the impact of this flaw is limited to a crash (temporary\n denial of service) (bsc#1092100).\n- CVE-2018-1124: Prevent multiple integer overflows leading to a heap\n corruption in file2strvec function. This allowed a privilege escalation for a\n local attacker who can create entries in procfs by starting processes, which\n could result in crashes or arbitrary code execution in proc utilities run by\n other users (bsc#1092100).\n- CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was\n mitigated by FORTIFY limiting the impact to a crash (bsc#1092100).\n- CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent\n truncation/integer overflow issues (bsc#1092100).\n\n\nAlso this non-security issue was fixed:\n\n- Fix CPU summary showing old data. (bsc#1121753)\n\nThe update to 3.3.15 contains the following fixes:\n\n* library: Increment to 8:0:1\n No removals, no new functions\n Changes: slab and pid structures\n* library: Just check for SIGLOST and don\u0027t delete it\n* library: Fix integer overflow and LPE in file2strvec CVE-2018-1124\n* library: Use size_t for alloc functions CVE-2018-1126\n* library: Increase comm size to 64\n* pgrep: Fix stack-based buffer overflow CVE-2018-1125\n* pgrep: Remove \u003e15 warning as comm can be longer\n* ps: Fix buffer overflow in output buffer, causing DOS CVE-2018-1123\n* ps: Increase command name selection field to 64\n* top: Don\u0027t use cwd for location of config CVE-2018-1122\n* update translations\n* library: build on non-glibc systems\n* free: fix scaling on 32-bit systems\n* Revert \u0027Support running with child namespaces\u0027\n* library: Increment to 7:0:1\n No changes, no removals\n New fuctions: numa_init, numa_max_node, numa_node_of_cpu, numa_uninit, xalloc_err_handler\n* doc: Document I idle state in ps.1 and top.1\n* free: fix some of the SI multiples\n* kill: -l space between name parses correctly\n* library: dont use vm_min_free on non Linux\n* library: don\u0027t strip off wchan prefixes (ps \u0026 top)\n* pgrep: warn about 15+ char name only if -f not used\n* pgrep/pkill: only match in same namespace by default\n* pidof: specify separator between pids\n* pkill: Return 0 only if we can kill process\n* pmap: fix duplicate output line under \u0027-x\u0027 option\n* ps: avoid eip/esp address truncations\n* ps: recognizes SCHED_DEADLINE as valid CPU scheduler\n* ps: display NUMA node under which a thread ran\n* ps: Add seconds display for cputime and time\n* ps: Add LUID field\n* sysctl: Permit empty string for value\n* sysctl: Don\u0027t segv when file not available\n* sysctl: Read and write large buffers\n* top: add config file support for XDG specification\n* top: eliminated minor libnuma memory leak\n* top: show fewer memory decimal places (configurable)\n* top: provide command line switch for memory scaling\n* top: provide command line switch for CPU States\n* top: provides more accurate cpu usage at startup\n* top: display NUMA node under which a thread ran\n* top: fix argument parsing quirk resulting in SEGV\n* top: delay interval accepts non-locale radix point\n* top: address a wishlist man page NLS suggestion\n* top: fix potential distortion in \u0027Mem\u0027 graph display\n* top: provide proper multi-byte string handling\n* top: startup defaults are fully customizable\n* watch: define HOST_NAME_MAX where not defined\n* vmstat: Fix alignment for disk partition format\n* watch: Support ANSI 39,49 reset sequences\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2376",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2376-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2376-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4EP32ED5GDRC2L3UFTOK2NPRC2TNQRPB/#4EP32ED5GDRC2L3UFTOK2NPRC2TNQRPB"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2376-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4EP32ED5GDRC2L3UFTOK2NPRC2TNQRPB/#4EP32ED5GDRC2L3UFTOK2NPRC2TNQRPB"
},
{
"category": "self",
"summary": "SUSE Bug 1092100",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "self",
"summary": "SUSE Bug 1121753",
"url": "https://bugzilla.suse.com/1121753"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1122 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1122/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1123 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1124 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1125 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1126 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1126/"
}
],
"title": "Security update for procps",
"tracking": {
"current_release_date": "2019-10-26T14:24:29Z",
"generator": {
"date": "2019-10-26T14:24:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2376-1",
"initial_release_date": "2019-10-26T14:24:29Z",
"revision_history": [
{
"date": "2019-10-26T14:24:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libprocps7-3.3.15-lp151.6.3.1.i586",
"product": {
"name": "libprocps7-3.3.15-lp151.6.3.1.i586",
"product_id": "libprocps7-3.3.15-lp151.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "procps-3.3.15-lp151.6.3.1.i586",
"product": {
"name": "procps-3.3.15-lp151.6.3.1.i586",
"product_id": "procps-3.3.15-lp151.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "procps-devel-3.3.15-lp151.6.3.1.i586",
"product": {
"name": "procps-devel-3.3.15-lp151.6.3.1.i586",
"product_id": "procps-devel-3.3.15-lp151.6.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libprocps7-3.3.15-lp151.6.3.1.x86_64",
"product": {
"name": "libprocps7-3.3.15-lp151.6.3.1.x86_64",
"product_id": "libprocps7-3.3.15-lp151.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "procps-3.3.15-lp151.6.3.1.x86_64",
"product": {
"name": "procps-3.3.15-lp151.6.3.1.x86_64",
"product_id": "procps-3.3.15-lp151.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "procps-devel-3.3.15-lp151.6.3.1.x86_64",
"product": {
"name": "procps-devel-3.3.15-lp151.6.3.1.x86_64",
"product_id": "procps-devel-3.3.15-lp151.6.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libprocps7-3.3.15-lp151.6.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586"
},
"product_reference": "libprocps7-3.3.15-lp151.6.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libprocps7-3.3.15-lp151.6.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64"
},
"product_reference": "libprocps7-3.3.15-lp151.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "procps-3.3.15-lp151.6.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586"
},
"product_reference": "procps-3.3.15-lp151.6.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "procps-3.3.15-lp151.6.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64"
},
"product_reference": "procps-3.3.15-lp151.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "procps-devel-3.3.15-lp151.6.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586"
},
"product_reference": "procps-devel-3.3.15-lp151.6.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "procps-devel-3.3.15-lp151.6.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
},
"product_reference": "procps-devel-3.3.15-lp151.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1122",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1122"
}
],
"notes": [
{
"category": "general",
"text": "procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1122",
"url": "https://www.suse.com/security/cve/CVE-2018-1122"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1122",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092100 for CVE-2018-1122",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "external",
"summary": "SUSE Bug 1093158 for CVE-2018-1122",
"url": "https://bugzilla.suse.com/1093158"
},
{
"category": "external",
"summary": "SUSE Bug 1123135 for CVE-2018-1122",
"url": "https://bugzilla.suse.com/1123135"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2018-1122",
"url": "https://bugzilla.suse.com/1126909"
},
{
"category": "external",
"summary": "SUSE Bug 1128955 for CVE-2018-1122",
"url": "https://bugzilla.suse.com/1128955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-26T14:24:29Z",
"details": "important"
}
],
"title": "CVE-2018-1122"
},
{
"cve": "CVE-2018-1123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1123"
}
],
"notes": [
{
"category": "general",
"text": "procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1123",
"url": "https://www.suse.com/security/cve/CVE-2018-1123"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1123",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092100 for CVE-2018-1123",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "external",
"summary": "SUSE Bug 1093158 for CVE-2018-1123",
"url": "https://bugzilla.suse.com/1093158"
},
{
"category": "external",
"summary": "SUSE Bug 1123135 for CVE-2018-1123",
"url": "https://bugzilla.suse.com/1123135"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2018-1123",
"url": "https://bugzilla.suse.com/1126909"
},
{
"category": "external",
"summary": "SUSE Bug 1128955 for CVE-2018-1123",
"url": "https://bugzilla.suse.com/1128955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-26T14:24:29Z",
"details": "important"
}
],
"title": "CVE-2018-1123"
},
{
"cve": "CVE-2018-1124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1124"
}
],
"notes": [
{
"category": "general",
"text": "procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1124",
"url": "https://www.suse.com/security/cve/CVE-2018-1124"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1124",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092100 for CVE-2018-1124",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "external",
"summary": "SUSE Bug 1093158 for CVE-2018-1124",
"url": "https://bugzilla.suse.com/1093158"
},
{
"category": "external",
"summary": "SUSE Bug 1123135 for CVE-2018-1124",
"url": "https://bugzilla.suse.com/1123135"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2018-1124",
"url": "https://bugzilla.suse.com/1126909"
},
{
"category": "external",
"summary": "SUSE Bug 1128955 for CVE-2018-1124",
"url": "https://bugzilla.suse.com/1128955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-26T14:24:29Z",
"details": "important"
}
],
"title": "CVE-2018-1124"
},
{
"cve": "CVE-2018-1125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1125"
}
],
"notes": [
{
"category": "general",
"text": "procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1125",
"url": "https://www.suse.com/security/cve/CVE-2018-1125"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1125",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092100 for CVE-2018-1125",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "external",
"summary": "SUSE Bug 1093158 for CVE-2018-1125",
"url": "https://bugzilla.suse.com/1093158"
},
{
"category": "external",
"summary": "SUSE Bug 1123135 for CVE-2018-1125",
"url": "https://bugzilla.suse.com/1123135"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2018-1125",
"url": "https://bugzilla.suse.com/1126909"
},
{
"category": "external",
"summary": "SUSE Bug 1128955 for CVE-2018-1125",
"url": "https://bugzilla.suse.com/1128955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-26T14:24:29Z",
"details": "important"
}
],
"title": "CVE-2018-1125"
},
{
"cve": "CVE-2018-1126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1126"
}
],
"notes": [
{
"category": "general",
"text": "procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1126",
"url": "https://www.suse.com/security/cve/CVE-2018-1126"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-1126",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092100 for CVE-2018-1126",
"url": "https://bugzilla.suse.com/1092100"
},
{
"category": "external",
"summary": "SUSE Bug 1093158 for CVE-2018-1126",
"url": "https://bugzilla.suse.com/1093158"
},
{
"category": "external",
"summary": "SUSE Bug 1123135 for CVE-2018-1126",
"url": "https://bugzilla.suse.com/1123135"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2018-1126",
"url": "https://bugzilla.suse.com/1126909"
},
{
"category": "external",
"summary": "SUSE Bug 1128955 for CVE-2018-1126",
"url": "https://bugzilla.suse.com/1128955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:libprocps7-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-3.3.15-lp151.6.3.1.x86_64",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.i586",
"openSUSE Leap 15.1:procps-devel-3.3.15-lp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-26T14:24:29Z",
"details": "important"
}
],
"title": "CVE-2018-1126"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.