QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-1123

Back to search

CVE-2018-1123

Published: May 23, 2018

Modified: Dec 17, 2025

PUBLISHED

CVSS v3.0

3.9

LOW

Description

procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).

VendorProductVersions

[UNKNOWN]

procps-ng, procps

affected
procps-ng 3.3.15

Weaknesses (CWE)

CWE-122

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

Low

References

USN-3658-1
vendor-advisory
x_refsource_UBUNTU
DSA-4208
vendor-advisory
x_refsource_DEBIAN
GLSA-201805-14
vendor-advisory
x_refsource_GENTOO
44806
exploit
x_refsource_EXPLOIT-DB
USN-3658-3
vendor-advisory
x_refsource_UBUNTU
104214
vdb-entry
x_refsource_BID
openSUSE-SU-2019:2376
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2019:2379
vendor-advisory
x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now