CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
77.5%
The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities: ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, pwdx, sysctl, pmap, and slabtop.
Security Fix(es):
procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124)
procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Qualys Research Labs for reporting these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | procps | < 3.2.8-30.el6_6.1 | procps-3.2.8-30.el6_6.1.x86_64.rpm |
RedHat | 6 | i686 | procps-debuginfo | < 3.2.8-30.el6_6.1 | procps-debuginfo-3.2.8-30.el6_6.1.i686.rpm |
RedHat | 6 | x86_64 | procps-debuginfo | < 3.2.8-30.el6_6.1 | procps-debuginfo-3.2.8-30.el6_6.1.x86_64.rpm |
RedHat | 6 | i686 | procps-devel | < 3.2.8-30.el6_6.1 | procps-devel-3.2.8-30.el6_6.1.i686.rpm |
RedHat | 6 | i686 | procps | < 3.2.8-30.el6_6.1 | procps-3.2.8-30.el6_6.1.i686.rpm |
RedHat | 6 | x86_64 | procps-devel | < 3.2.8-30.el6_6.1 | procps-devel-3.2.8-30.el6_6.1.x86_64.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
77.5%