| Vulnerability Name: | CVE-2018-1121 (CCN-143451) | ||||||||||||||||||||||||||||||||||||||||
| Assigned: | 2017-12-04 | ||||||||||||||||||||||||||||||||||||||||
| Published: | 2018-05-17 | ||||||||||||||||||||||||||||||||||||||||
| Updated: | 2020-06-30 | ||||||||||||||||||||||||||||||||||||||||
| Summary: | procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower PID, thus avoiding enumeration. An unprivileged attacker can hide a process from procps-ng's utilities by exploiting a race condition in reading /proc/PID entries. This vulnerability affects procps and procps-ng up to version 3.3.15, newer versions might be affected also. | ||||||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 5.9 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) 5.3 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C)
3.5 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
| ||||||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-362 | ||||||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2018-1121 Source: CCN Type: oss-sec Mailing List, Thu, 17 May 2018 10:17:08 -0700 Qualys Security Advisory - Procps-ng Audit Report Source: MLIST Type: Exploit, Mailing List, Third Party Advisory [oss-security] 20180517 Qualys Security Advisory - Procps-ng Audit Report Source: BID Type: Third Party Advisory, VDB Entry 104214 Source: CCN Type: BID-104214 Procps-ng Procps Multiple Security Vulnerabilities Source: CONFIRM Type: Issue Tracking, Third Party Advisory https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1121 Source: XF Type: UNKNOWN procpsng-cve20181121-dos(143451) Source: CCN Type: procps-ng GIT Repository procps-ng procps Source: CCN Type: Packet Storm Security [05-22-2018] Procps-ng Audit Report Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [05-30-2018] Source: EXPLOIT-DB Type: Exploit, Third Party Advisory, VDB Entry 44806 Source: MISC Type: Exploit, Third Party Advisory https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt | ||||||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||||||