CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
EPSS
Percentile
9.0%
libprocps.so is vulnerable to Denial Of Service (DoS). The vulnerability exists in the ps
option which allows an attacker to write unlimited amounts of unfiltered data into the process heap causing an application crash.
bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042887
github.com/advisories/GHSA-v76x-qfmc-m88p
gitlab.com/procps-ng/procps
gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413
gitlab.com/procps-ng/procps/-/issues/297
lists.fedoraproject.org/archives/list/[email protected]/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/