CVE-2023-4016
procps: ps buffer overflow
Severity Score
3.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
A heap-based buffer overflow vulnerability was found in the procps project when handling untrusted input with the -C option. This issue may allow a user with "ps" utility access to write unfiltered data into the process heap, triggering an out-of-bounds write, consuming memory and causing a crash, resulting in a denial of service.
*Credits:
Michael Berlin, BGU, Prof. Oded Margalit, BGU and Trellix, Prof. Gera Weiss, BGU
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-07-31 CVE Reserved
- 2023-08-02 CVE Published
- 2023-08-02 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
- CAPEC-9: Buffer Overflow in Local Command-Line Utilities
References (4)
| URL | Tag | Source |
|---|---|---|
| https://gitlab.com/procps-ng/procps | Product | |
| https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5 | Mitigation |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2023-4016 | 2023-11-14 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2228494 | 2023-11-14 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Procps Project Search vendor "Procps Project" | Procps Search vendor "Procps Project" for product "Procps" | >= 3.3.0 <= 4.0.3 Search vendor "Procps Project" for product "Procps" and version " >= 3.3.0 <= 4.0.3" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 38 Search vendor "Fedoraproject" for product "Fedora" and version "38" | - |
Affected
| ||||||