CVE-2018-1124 - OpenCVE

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Enterprise Linux Enterprise Linux Desktop Enterprise Linux Workstation Enterprise Linux Server
Opensuse	Leap
Canonical	Ubuntu Linux
Procps-ng Project	Procps-ng
Schneider-electric	Struxureware Data Center Expert
Debian	Debian Linux

Configuration 1 [-]

cpe:2.3:a:procps-ng_project:procps-ng:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Configuration 5 [-]

cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*

Configuration 6 [-]

OR	cpe:2.3:o:opensuse:leap:15.0:::::::*
	cpe:2.3:o:opensuse:leap:15.1:::::::*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html	Mailing List Third Party Advisory
http://seclists.org/oss-sec/2018/q2/122	Mailing List Third Party Advisory
http://www.securityfocus.com/bid/104214	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041057	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:1700	Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1777	Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1820	Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2267	Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2268	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1944	Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2401	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1124	Issue Tracking Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10241	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html	Third Party Advisory
https://security.gentoo.org/glsa/201805-14	Third Party Advisory
https://usn.ubuntu.com/3658-1/	Third Party Advisory
https://usn.ubuntu.com/3658-2/	Third Party Advisory
https://www.debian.org/security/2018/dsa-4208	Third Party Advisory
https://www.exploit-db.com/exploits/44806/	Third Party Advisory VDB Entry
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt	Exploit Third Party Advisory