If a process inspected by pgrep has an argument longer than INT_MAX bytes, “int bytes” could wrap around back to a large positive int (rather than approaching zero), leading to a stack buffer overflow via strncat().

Mitigation

The procps suite on Red Hat Enterprise Linux is built with FORTIFY, which limits the impact of this stack overflow (and others like it) to a crash.

References

bugzilla.redhat.com/show_bug.cgi?id=1575852

www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt

veracode 1

nvd 1

cve 1

cvelist 1

prion 1

osv 3

ubuntucve 1

debiancve 1

nessus 26

openvas 18

ubuntu 2

rosalinux 1

suse 4

slackware 1

debian 3

cloudfoundry 1

ibm 4

packetstorm 1

photon 4

exploitpack 1

exploitdb 1

veracode

Denial Of Service (DoS)

2021-10-26 02:28:26

nvd

CVE-2018-1125

2018-05-23 14:29:00

cve

CVE-2018-1125

2018-05-23 14:29:00

cvelist

CVE-2018-1125

2018-05-23 14:00:00

prion

Stack overflow

2018-05-23 14:29:00

osv

CVE-2018-1125

2018-05-23 14:29:00

procps - security update

2018-05-22 00:00:00

procps - security update

2018-05-31 00:00:00

ubuntucve

CVE-2018-1125

2018-05-17 00:00:00

debiancve

CVE-2018-1125

2018-05-23 14:29:00

nessus

EulerOS 2.0 SP3 : procps-ng (EulerOS-SA-2018-1230)

2018-08-10 00:00:00

EulerOS Virtualization 2.5.1 : procps-ng (EulerOS-SA-2018-1326)

2018-10-26 00:00:00

RHEL 7 : procps-ng,_procps (Unpatched Vulnerability)

2024-05-11 00:00:00

openvas

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2018-1326)

2020-01-23 00:00:00

Ubuntu: Security Advisory (USN-3658-3)

2022-08-26 00:00:00

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2018-1230)

2020-01-23 00:00:00

ubuntu

procps-ng vulnerabilities

2018-08-16 00:00:00

procps-ng vulnerabilities

2018-05-23 00:00:00

rosalinux

Advisory ROSA-SA-2021-1956

2021-07-02 18:00:03

suse

Security update for procps (important)

2019-03-04 00:00:00

Security update for procps (important)

2019-10-26 00:00:00

Security update for procps (moderate)

2018-06-29 15:30:55

slackware

[slackware-security] procps-ng

2018-05-23 06:37:37

debian

[SECURITY] [DSA 4208-1] procps security update

2018-05-22 15:45:25

[SECURITY] [DSA 4208-1] procps security update

2018-05-22 15:45:25

[SECURITY] [DLA 1390-1] procps security update

2018-05-31 20:24:15

cloudfoundry

USN-3658-1: procps-ng vulnerabilities | Cloud Foundry

2018-06-05 00:00:00

ibm

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in procps

2023-12-07 22:45:03

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in procps

2023-12-07 22:45:02

Security Bulletin: Vulnerabilities in procps affect IBM BladeCenter Advanced Management Module (AMM)

2018-10-11 15:50:01

packetstorm

Procps-ng Audit Report

2018-05-22 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0175

2018-08-15 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0085

2018-08-15 00:00:00

Critical Photon OS Security Update - PHSA-2018-0175

2018-08-15 00:00:00

exploitpack

Procps-ng - Multiple Vulnerabilities

2018-05-30 00:00:00

exploitdb

Procps-ng - Multiple Vulnerabilities

2018-05-30 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.005 Low

EPSS

Percentile

75.6%

JSON

Related for RH:CVE-2018-1125