CVE-2018-1124 — HIGH (7.8) — White Hats Nepal

Q: How severe is CVE-2018-1124?

CVE-2018-1124 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-1124?

Check the references section above for vendor advisories and patch information. Affected products include: Procps-Ng Project Procps-Ng, Canonical Ubuntu Linux, Debian Debian Linux, Redhat Enterprise Linux, Redhat Enterprise Linux Desktop.

Vulnerability Description

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Procps-Ng Project	Procps-Ng	< 3.3.15
Canonical	Ubuntu Linux	14.04
Debian	Debian Linux	7.0
Redhat	Enterprise Linux	6.0
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Server	6.0
Redhat	Enterprise Linux Workstation	6.0
Schneider-Electric	Struxureware Data Center Expert	< 7.6.0
Opensuse	Leap	15.0

Related Weaknesses (CWE)

CWE-122 CWE-190 CWE-787

References

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.htmlMailing ListThird Party Advisory
http://seclists.org/oss-sec/2018/q2/122Mailing ListThird Party Advisory
http://www.securityfocus.com/bid/104214Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1041057Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2018:1700Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1777Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:1820Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2267Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2268Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1944Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2401Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1124Issue TrackingThird Party Advisory
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxurThird Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10241Third Party Advisory

FAQ

What is CVE-2018-1124?

CVE-2018-1124 is a vulnerability with a CVSS score of 7.8 (HIGH). procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create...

How severe is CVE-2018-1124?

CVE-2018-1124 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-1124?

Check the references section above for vendor advisories and patch information. Affected products include: Procps-Ng Project Procps-Ng, Canonical Ubuntu Linux, Debian Debian Linux, Redhat Enterprise Linux, Redhat Enterprise Linux Desktop.