ID

VAR-201805-0613


CVE

CVE-2018-1124


TITLE

procps-ng Integer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-005228

DESCRIPTION

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users. procps-ng Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Procps-ng Procps is prone to the following security vulnerabilities: 1. A local security-bypass vulnerability 2. A local privilege-escalation vulnerability 3. A local denial-of-service vulnerability 4. Multiple local integer-overflow vulnerabilities 5. A stack-based buffer-overflow vulnerability Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application or perform unauthorized actions. Failed exploit attempts will likely cause a denial-of-service condition. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201805-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: procps: Multiple vulnerabilities Date: May 30, 2018 Bugs: #656022 ID: 201805-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in procps, the worst of which could result in the execution of arbitrary code. Background ========== A bunch of small useful utilities that give information about processes using the /proc filesystem. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-process/procps < 3.3.15-r1 >= 3.3.15-r1 Description =========== Multiple vulnerabilities have been discovered in procps. Please review the CVE identifiers referenced below for details. Impact ====== A local attacker could execute arbitrary code, escalate privileges, or cause a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All procps users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=sys-process/procps-3.3.15-r1" References ========== [ 1 ] CVE-2018-1120 https://nvd.nist.gov/vuln/detail/CVE-2018-1120 [ 2 ] CVE-2018-1121 https://nvd.nist.gov/vuln/detail/CVE-2018-1121 [ 3 ] CVE-2018-1122 https://nvd.nist.gov/vuln/detail/CVE-2018-1122 [ 4 ] CVE-2018-1123 https://nvd.nist.gov/vuln/detail/CVE-2018-1123 [ 5 ] CVE-2018-1124 https://nvd.nist.gov/vuln/detail/CVE-2018-1124 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201805-14 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 2.07

sources: NVD: CVE-2018-1124 // JVNDB: JVNDB-2018-005228 // BID: 104214 // VULMON: CVE-2018-1124 // PACKETSTORM: 147943

AFFECTED PRODUCTS

vendor:procps ngmodel:procps-ngscope:ltversion:3.3.15

Trust: 1.8

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.6

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.6

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7.0

Trust: 1.6

vendor:redhatmodel:enterprise linuxscope:eqversion:6.0

Trust: 1.6

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.6

vendor:redhatmodel:enterprise linuxscope:eqversion:7.5

Trust: 1.6

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.6

vendor:redhatmodel:enterprise linuxscope:eqversion:7.0

Trust: 1.6

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.0

Trust: 1.6

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:7.0

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.1

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:schneider electricmodel:struxureware data center expertscope:ltversion:7.6.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:17.10

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.0

Trust: 1.0

vendor:canonicalmodel:ubuntuscope: - version: -

Trust: 0.8

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linux serverscope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linux workstationscope: - version: -

Trust: 0.8

vendor:redhatmodel:enterprise linuxscope:eqversion:7

Trust: 0.3

vendor:redhatmodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:procps ngmodel:procpsscope:eqversion:0

Trust: 0.3

sources: NVD: CVE-2018-1124 // CNNVD: CNNVD-201805-789 // JVNDB: JVNDB-2018-005228 // BID: 104214

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2018-1124
value: HIGH

Trust: 1.8

CNNVD: CNNVD-201805-789
value: HIGH

Trust: 0.6

VULMON: CVE-2018-1124
value: MEDIUM

Trust: 0.1

NVD: CVE-2018-1124
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.9

NVD: CVE-2018-1124
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2018-1124
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: NVD: CVE-2018-1124 // CNNVD: CNNVD-201805-789 // JVNDB: JVNDB-2018-005228 // VULMON: CVE-2018-1124

PROBLEMTYPE DATA

problemtype:CWE-190

Trust: 1.8

problemtype:CWE-787

Trust: 1.0

sources: NVD: CVE-2018-1124 // JVNDB: JVNDB-2018-005228

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201805-789

TYPE

input validation error

Trust: 0.9

sources: CNNVD: CNNVD-201805-789 // BID: 104214

CONFIGURATIONS

sources: NVD: CVE-2018-1124

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2018-1124

PATCH

title:DSA-4208-1url:https://www.debian.org/security/2018/dsa-4208

Trust: 0.8

title:procpsurl:https://gitlab.com/procps-ng/procps

Trust: 0.8

title:RHSA-2018:1700url:https://access.redhat.com/errata/rhsa-2018:1700

Trust: 0.8

title:RHSA-2018:1777url:https://access.redhat.com/errata/rhsa-2018:1777

Trust: 0.8

title:RHSA-2018:1820url:https://access.redhat.com/errata/rhsa-2018:1820

Trust: 0.8

title:USN-3658-1url:https://usn.ubuntu.com/3658-1/

Trust: 0.8

title:USN-3658-2url:https://usn.ubuntu.com/3658-2/

Trust: 0.8

title:procps-ng Fixes for digital error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83673

Trust: 0.6

title:Red Hat: Important: procps-ng security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20192401 - security advisory

Trust: 0.1

title:Red Hat: Important: Red Hat Virtualization security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20181820 - security advisory

Trust: 0.1

title:Red Hat: Important: procps-ng security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20181700 - security advisory

Trust: 0.1

title:Red Hat: Important: procps-ng security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20191944 - security advisory

Trust: 0.1

title:Red Hat: Important: procps security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20182267 - security advisory

Trust: 0.1

title:Red Hat: Important: procps security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20182268 - security advisory

Trust: 0.1

title:Red Hat: Important: procps security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=rhsa-20181777 - security advisory

Trust: 0.1

title:Ubuntu Security Notice: procps vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=usn-3658-2

Trust: 0.1

title:Red Hat: CVE-2018-1124url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=cve-2018-1124

Trust: 0.1

title:Ubuntu Security Notice: procps vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=usn-3658-1

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=cve-2018-1124

Trust: 0.1

title:Debian CVElist Bug Report Logs: procps: CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=f5176a4090976ca64e2df1278bd3172b

Trust: 0.1

title:Debian Security Advisories: DSA-4208-1 procps -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=58a59a2b26fe7d48fb944473493eb87a

Trust: 0.1

title:Amazon Linux 2: ALAS2-2018-1031url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=alas2-2018-1031

Trust: 0.1

title:Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - April 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=c0bb087d513b6ab7ce4efb0405158613

Trust: 0.1

title:Oracle Linux Bulletins: Oracle Linux Bulletin - April 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=ae57a14ec914f60b7203332a77613077

Trust: 0.1

title:rhel-centos-ec2-vulsurl:https://github.com/riboseinc/rhel-centos-ec2-vuls

Trust: 0.1

title:core-kiturl:https://github.com/funtoo/core-kit

Trust: 0.1

sources: CNNVD: CNNVD-201805-789 // JVNDB: JVNDB-2018-005228 // VULMON: CVE-2018-1124

EXTERNAL IDS

db:NVDid:CVE-2018-1124

Trust: 2.9

db:BIDid:104214

Trust: 2.0

db:SECTRACKid:1041057

Trust: 1.7

db:EXPLOIT-DBid:44806

Trust: 1.7

db:MCAFEEid:SB10241

Trust: 1.7

db:JVNDBid:JVNDB-2018-005228

Trust: 0.8

db:AUSCERTid:ESB-2019.2859

Trust: 0.6

db:AUSCERTid:ESB-2018.2456.4

Trust: 0.6

db:AUSCERTid:ESB-2019.2859.2

Trust: 0.6

db:AUSCERTid:ESB-2020.4254

Trust: 0.6

db:AUSCERTid:ESB-2021.0001

Trust: 0.6

db:PACKETSTORMid:153967

Trust: 0.6

db:PACKETSTORMid:153809

Trust: 0.6

db:CNNVDid:CNNVD-201805-789

Trust: 0.6

db:VULMONid:CVE-2018-1124

Trust: 0.1

db:PACKETSTORMid:147943

Trust: 0.1

sources: NVD: CVE-2018-1124 // CNNVD: CNNVD-201805-789 // JVNDB: JVNDB-2018-005228 // BID: 104214 // VULMON: CVE-2018-1124 // PACKETSTORM: 147943

REFERENCES

url:https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt

Trust: 2.8

url:https://access.redhat.com/errata/rhsa-2019:2401

Trust: 2.4

url:http://www.securityfocus.com/bid/104214

Trust: 2.3

url:https://access.redhat.com/errata/rhsa-2019:1944

Trust: 2.3

url:https://www.exploit-db.com/exploits/44806/

Trust: 1.8

url:https://usn.ubuntu.com/3658-2/

Trust: 1.8

url:https://security.gentoo.org/glsa/201805-14

Trust: 1.8

url:https://bugzilla.redhat.com/show_bug.cgi?id=cve-2018-1124

Trust: 1.7

url:http://seclists.org/oss-sec/2018/q2/122

Trust: 1.7

url:https://www.debian.org/security/2018/dsa-4208

Trust: 1.7

url:https://usn.ubuntu.com/3658-1/

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2018:1700

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2018:1777

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2018:1820

Trust: 1.7

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10241

Trust: 1.7

url:http://www.securitytracker.com/id/1041057

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2018:2268

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2018:2267

Trust: 1.7

url:https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-1124

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1124

Trust: 0.8

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192730-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2018/suse-su-20182451-2/

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20190450-1/

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2018/suse-su-20182451-1/

Trust: 0.6

url:http://www.ibm.com/support/docview.wss?uid=ibm10874468

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.2859/

Trust: 0.6

url:https://packetstormsecurity.com/files/153967/red-hat-security-advisory-2019-2401-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/153809/red-hat-security-advisory-2019-1944-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0001/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2018.2456.4/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.2859.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4254/

Trust: 0.6

url:https://gitlab.com/procps-ng/procps

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1575465

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1575466

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1575473

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1575474

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1575852

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1575853

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-1121

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-1122

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-1123

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-1124

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-1125

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-1126

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/190.html

Trust: 0.1

url:https://tools.cisco.com/security/center/viewalert.x?alertid=57956

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1122

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1123

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1121

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1120

Trust: 0.1

sources: NVD: CVE-2018-1124 // CNNVD: CNNVD-201805-789 // JVNDB: JVNDB-2018-005228 // BID: 104214 // VULMON: CVE-2018-1124 // PACKETSTORM: 147943

CREDITS

Red Hat

Trust: 0.6

sources: CNNVD: CNNVD-201805-789

SOURCES

db:NVDid:CVE-2018-1124
db:CNNVDid:CNNVD-201805-789
db:JVNDBid:JVNDB-2018-005228
db:BIDid:104214
db:VULMONid:CVE-2018-1124
db:PACKETSTORMid:147943

LAST UPDATE DATE

2021-12-18T22:07:19.455000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2018-1124date:2020-09-09T14:58:00
db:CNNVDid:CNNVD-201805-789date:2021-01-04T00:00:00
db:JVNDBid:JVNDB-2018-005228date:2018-07-10T00:00:00
db:BIDid:104214date:2018-05-17T00:00:00
db:VULMONid:CVE-2018-1124date:2020-09-09T00:00:00
db:PACKETSTORMid:147943date: -

SOURCES RELEASE DATE

db:NVDid:CVE-2018-1124date:2018-05-23T13:29:00
db:CNNVDid:CNNVD-201805-789date:2018-05-24T00:00:00
db:JVNDBid:JVNDB-2018-005228date:2018-07-10T00:00:00
db:BIDid:104214date:2018-05-17T00:00:00
db:VULMONid:CVE-2018-1124date:2018-05-23T00:00:00
db:PACKETSTORMid:147943date:2018-05-30T19:59:39