ALPINE-CVE-2023-4016

See a problem?
Please try reporting it to the source first.
Source
https://security.alpinelinux.org/vuln/CVE-2023-4016
Import Source
https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2023-4016.json
JSON Data
https://api.osv.dev/v1/vulns/ALPINE-CVE-2023-4016
Upstream
Published
2023-08-02T05:15:09.850Z
Modified
2025-11-19T06:22:50.157827Z
Severity
  • 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
Summary
[none]
Details

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

References

Affected packages

Alpine:v3.15

procps

Package

Name
procps
Purl
pkg:apk/alpine/procps?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.3.17-r1

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.8-r2
3.3.4-r0
3.3.4-r1
3.3.6-r0
3.3.8-r0
3.3.9-r0
3.3.9-r1
3.3.9-r2
3.3.9-r3
3.3.12-r0
3.3.12-r1
3.3.12-r2
3.3.12-r3
3.3.12-r4
3.3.12-r5
3.3.15-r0
3.3.15-r1
3.3.16-r0
3.3.17-r0

Alpine:v3.16

procps

Package

Name
procps
Purl
pkg:apk/alpine/procps?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.3.17-r2

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.8-r2
3.3.4-r0
3.3.4-r1
3.3.6-r0
3.3.8-r0
3.3.9-r0
3.3.9-r1
3.3.9-r2
3.3.9-r3
3.3.12-r0
3.3.12-r1
3.3.12-r2
3.3.12-r3
3.3.12-r4
3.3.12-r5
3.3.15-r0
3.3.15-r1
3.3.16-r0
3.3.17-r0
3.3.17-r1

Alpine:v3.17

procps

Package

Name
procps
Purl
pkg:apk/alpine/procps?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.3.17-r3

Affected versions

3.*

3.2.8-r0
3.2.8-r1
3.2.8-r2
3.3.4-r0
3.3.4-r1
3.3.6-r0
3.3.8-r0
3.3.9-r0
3.3.9-r1
3.3.9-r2
3.3.9-r3
3.3.12-r0
3.3.12-r1
3.3.12-r2
3.3.12-r3
3.3.12-r4
3.3.12-r5
3.3.15-r0
3.3.15-r1
3.3.16-r0
3.3.17-r0
3.3.17-r1
3.3.17-r2

Alpine:v3.18

procps-ng

Package

Name
procps-ng
Purl
pkg:apk/alpine/procps-ng?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.4-r0

Affected versions

4.*

4.0.3-r0
4.0.3-r1

Alpine:v3.19

procps-ng

Package

Name
procps-ng
Purl
pkg:apk/alpine/procps-ng?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.4-r0

Affected versions

4.*

4.0.3-r0
4.0.3-r1
4.0.3-r2

Alpine:v3.20

procps-ng

Package

Name
procps-ng
Purl
pkg:apk/alpine/procps-ng?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.4-r0

Affected versions

4.*

4.0.3-r0
4.0.3-r1
4.0.3-r2

Alpine:v3.21

procps-ng

Package

Name
procps-ng
Purl
pkg:apk/alpine/procps-ng?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.4-r0

Affected versions

4.*

4.0.3-r0
4.0.3-r1
4.0.3-r2

Alpine:v3.22

procps-ng

Package

Name
procps-ng
Purl
pkg:apk/alpine/procps-ng?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.4-r0

Affected versions

4.*

4.0.3-r0
4.0.3-r1
4.0.3-r2