CVE-2018-1123

Summary

procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).

Affected Software

VendorProductVersion RangeStatus
[UNKNOWN]procps-ng, procpsprocps-ng 3.3.15affected

Weaknesses

  • CWE-122: CWE-122

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References