CVE-2023-4016

Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4016.json

Published

2023-08-02T05:15:00Z

Modified

2023-09-01T00:47:30.661716Z

Details

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

References

https://gitlab.com/procps-ng/procps
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUETRRT24OFGPYK6ACPM5VUGHNKH5CQ5/

Affected packages

Alpine:v3.18 / procps-ng

Source Details

Package Name: procps-ng

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

4.0.4-r0

Affected versions

4.*

4.0.3-r0

4.0.3-r1