EulerOS Virtualization 2.5.0 : procps-ng (EulerOS-SA-2018-1340)

High Nessus Plugin ID 118428


The remote EulerOS Virtualization host is missing multiple security


According to the versions of the procps-ng package installed, the
EulerOS Virtualization installation on the remote host is affected by
the following vulnerabilities :

- If the HOME environment variable is unset or empty, top
will read its configuration file from the current
working directory without any security check. If a user
runs top with HOME unset in an attacker-controlled
directory, the attacker could achieve privilege
escalation by exploiting one of several vulnerabilities
in the config_file() function.(CVE-2018-1122)

- Due to incorrect accounting when decoding and escaping
Unicode data in procfs, ps is vulnerable to overflowing
an mmap()ed region when formatting the process list for
display. Since ps maps a guard page at the end of the
buffer, impact is limited to a crash.(CVE-2018-1123)

- If an argument longer than INT_MAX bytes is given to
pgrep, 'int bytes' could wrap around back to a large
positive int (rather than approaching zero), leading to
a stack buffer overflow via strncat().(CVE-2018-1125)

- procps-ng, procps: Integer overflows leading to heap
overflow in file2strvec (CVE-2018-1124)

- procps-ng, procps: incorrect integer size in
proc/alloc.* leading to truncation / integer overflow
issues (CVE-2018-1126)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.


Update the affected procps-ng packages.

See Also

Plugin Details

Severity: High

ID: 118428

File Name: EulerOS_SA-2018-1340.nasl

Version: 1.2

Type: local

Published: 2018/10/26

Modified: 2018/11/13

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:procps-ng, cpe:/o:huawei:euleros:uvp:2.5.0

Patch Publication Date: 2018/10/11

Reference Information

CVE: CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1125, CVE-2018-1126