procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00432.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
[UNKNOWN] procps-ng affected
Version Status Constraints
procps-ng 3.3.15 affected

Configuration 1 [-]

cpe:2.3:a:procps-ng_project:procps-ng:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 6
procps-0:3.2.8-45.el6_9.3 cpe:/o:redhat:enterprise_linux:6 RHSA-2018:1777 2018-05-31T00:00:00Z
Red Hat Enterprise Linux 6.6 Advanced Update Support
procps-0:3.2.8-30.el6_6.1 cpe:/o:redhat:rhel_aus:6.6 RHSA-2018:2268 2018-07-26T00:00:00Z
Red Hat Enterprise Linux 6.6 Telco Extended Update Support
procps-0:3.2.8-30.el6_6.1 cpe:/o:redhat:rhel_tus:6.6 RHSA-2018:2268 2018-07-26T00:00:00Z
Red Hat Enterprise Linux 6.7 Extended Update Support
procps-0:3.2.8-35.el6_7.1 cpe:/o:redhat:rhel_eus:6.7 RHSA-2018:2267 2018-07-26T00:00:00Z
Red Hat Enterprise Linux 7
procps-ng-0:3.3.10-17.el7_5.2 cpe:/o:redhat:enterprise_linux:7 RHSA-2018:1700 2018-05-23T00:00:00Z
Red Hat Enterprise Linux 7.3 Advanced Update Support
procps-ng-0:3.3.10-10.el7_3.1 cpe:/o:redhat:rhel_aus:7.3 RHSA-2019:2401 2019-08-07T00:00:00Z
Red Hat Enterprise Linux 7.3 Telco Extended Update Support
procps-ng-0:3.3.10-10.el7_3.1 cpe:/o:redhat:rhel_tus:7.3 RHSA-2019:2401 2019-08-07T00:00:00Z
Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions
procps-ng-0:3.3.10-10.el7_3.1 cpe:/o:redhat:rhel_e4s:7.3 RHSA-2019:2401 2019-08-07T00:00:00Z
Red Hat Enterprise Linux 7.4 Extended Update Support
procps-ng-0:3.3.10-16.el7_4.1 cpe:/o:redhat:rhel_eus:7.4 RHSA-2019:1944 2019-07-30T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7
imgbased-0:1.0.17-0.1.el7ev cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2018:1820 2018-06-11T00:00:00Z
redhat-release-virtualization-host-0:4.2-3.1.el7 cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2018:1820 2018-06-11T00:00:00Z
redhat-virtualization-host-0:4.2-20180531.0 cpe:/o:redhat:enterprise_linux:7::hypervisor RHSA-2018:1820 2018-06-11T00:00:00Z

No data.

Subscriptions

Vendors Products
Canonical Subscribe
Ubuntu Linux Subscribe
Debian Subscribe
Debian Linux Subscribe
Opensuse Subscribe
Leap Subscribe
Procps-ng Project Subscribe
Procps-ng Subscribe
Redhat Subscribe
Enterprise Linux Subscribe
Enterprise Linux Desktop Subscribe
Enterprise Linux Server Subscribe
Enterprise Linux Workstation Subscribe
Rhel Aus Subscribe
Rhel E4s Subscribe
Rhel Eus Subscribe
Rhel Tus Subscribe
Schneider-electric Subscribe
Struxureware Data Center Expert Subscribe

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-1390-1 procps security update
Debian DSA Debian DSA DSA-4208-1 procps security update
EUVD EUVD EUVD-2018-11768 procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.
Ubuntu USN Ubuntu USN USN-3658-1 procps-ng vulnerabilities
Ubuntu USN Ubuntu USN USN-3658-2 procps-ng vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html cve-icon cve-icon
http://seclists.org/oss-sec/2018/q2/122 cve-icon cve-icon
http://www.securityfocus.com/bid/104214 cve-icon cve-icon
http://www.securitytracker.com/id/1041057 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:1700 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:1777 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:1820 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2267 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2268 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:1944 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2401 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1124 cve-icon cve-icon
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10241 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2018-1124 cve-icon
https://security.gentoo.org/glsa/201805-14 cve-icon cve-icon
https://usn.ubuntu.com/3658-1/ cve-icon cve-icon
https://usn.ubuntu.com/3658-2/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2018-1124 cve-icon
https://www.debian.org/security/2018/dsa-4208 cve-icon cve-icon
https://www.exploit-db.com/exploits/44806/ cve-icon cve-icon
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt cve-icon cve-icon cve-icon
History

Thu, 18 Dec 2025 12:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-12-18T11:37:47.265Z

Reserved: 2017-12-04T00:00:00.000Z

Link: CVE-2018-1124

cve-icon Vulnrichment

Updated: 2024-08-05T03:51:48.632Z

cve-icon NVD

Status : Modified

Published: 2018-05-23T13:29:00.263

Modified: 2024-11-21T03:59:13.937

Link: CVE-2018-1124

cve-icon Redhat

Severity : Important

Publid Date: 2018-05-17T17:00:00Z

Links: CVE-2018-1124 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses