Branch p10_e2k update bulletin.

Package procps updated to version 3.3.17-alt7.g37f1060.p10.2 for branch p10_e2k.

Published: 2023-08-02

BDU:2023-07117

Уязвимость утилиты сбора информации запущенных процессов ps набора утилит командной строки procps-ng, позволяющая нарушителю вызвать отказ в обслуживании

Severity: LOW (2.5) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

References:

CVE-2023-4016

Published: 2023-08-02
Modified: 2024-11-21

CVE-2023-4016

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References:

https://gitlab.com/procps-ng/procps
https://gitlab.com/procps-ng/procps
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/

Version: 2.1.0

Branch p10_e2k update on 2023-12-20

ALT-BU-2023-8247-1

ALT-PU-2023-8246-1

Closed vulnerabilities

BDU:2023-07117

CVE-2023-4016