Headline
CVE-2023-4016: procps-ng / procps · GitLab
Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
Skip to content
GitLab
- GitLab: the DevOps platform
- Explore GitLab
- Install GitLab
- How GitLab compares
- Get started
- GitLab docs
- GitLab Learn
Pricing
Talk to an expert
/
Help
Help
Support
Community forum
Submit feedback
Contribute to GitLab
Switch to GitLab Next
Projects Groups Topics Snippets
Register
Sign in
procps-ng
procps
P
procps
Project ID: 247135
Star 241
3,790 Commits
2 Branches
29 Tags
40.8 MiB Project Storage
6 Releases
Command line and full screen utilities for browsing procfs, a “pseudo” file system dynamically generated by the kernel to provide information about the status of entries in its process table.
Find file
Download source code
zip tar.gz tar.bz2 tar
Clone with SSH
Clone with HTTPS
Open in your IDE
Visual Studio Code (SSH)
Visual Studio Code (HTTPS)
IntelliJ IDEA (SSH)
IntelliJ IDEA (HTTPS)
Copy SSH clone URL[email protected]:procps-ng/procps.git
Copy HTTPS clone URLhttps://gitlab.com/procps-ng/procps.git
README
GNU Library General Public License v2 only
CHANGELOG
Related news
Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system.
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Red Hat Security Advisory 2023-7187-01 - An update for procps-ng is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.
Ubuntu Security Notice 6477-1 - It was discovered that the procps-ng ps tool incorrectly handled memory. An attacker could possibly use this issue to cause procps-ng to crash, resulting in a denial of service.