Vulnerability CVE-2023-4016: Information
Description
Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
procps | sisyphus | 4.0.4-alt1 | 4.0.4-alt3 | ALT-PU-2023-6222-2 | 330939 | Fixed |
procps | sisyphus_e2k | 4.0.4-alt3 | 4.0.4-alt3 | ALT-PU-2023-7140-1 | - | Fixed |
procps | sisyphus_riscv64 | 4.0.4-alt1 | 4.0.4-alt3 | ALT-PU-2023-6491-1 | - | Fixed |
procps | p10 | 3.3.17-alt7.g37f1060.p10.2 | 3.3.17-alt7.g37f1060.p10.2 | ALT-PU-2023-8011-2 | 336354 | Fixed |
procps | p10_e2k | 3.3.17-alt7.g37f1060.p10.2 | 3.3.17-alt7.g37f1060.p10.2 | ALT-PU-2023-8246-1 | - | Fixed |
procps | p9 | 3.3.17-alt7.g37f1060.p10.2 | 3.3.17-alt7.g37f1060.p10.2 | ALT-PU-2023-8135-2 | 336356 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://gitlab.com/procps-ng/procps |
|
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/ |
|