CVE-2018-1122

HIGH

procps-ng <3.3.15 - Privilege Escalation

Title source: llm

Description

procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.

Exploits (1)

exploitdb WRITEUP

by Qualys Corporation · textlocallinux

https://www.exploit-db.com/exploits/44806

View Code ZIP pw:eip

References (14)

[Third Party Advisory] https://usn.ubuntu.com/3658-1/

[Third Party Advisory] https://www.debian.org/security/2018/dsa-4208

[Third Party Advisory] https://security.gentoo.org/glsa/201805-14

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/44806/

[Third Party Advisory] https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html

[Third Party Advisory] https://usn.ubuntu.com/3658-3/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/104214

[Mailing List, Third Party Advisory] http://seclists.org/oss-sec/2018/q2/122

[Issue Tracking, Third Party Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1122

[Exploit, Third Party Advisory] https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2019:2189

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2020:0595

Scores

CVSS v3 7.3

EPSS 0.0025

EPSS Percentile 48.5%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-829

Status published

Products (9)

canonical/ubuntu_linux 12.04

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 16.04

canonical/ubuntu_linux 17.10

canonical/ubuntu_linux 18.04

debian/debian_linux 7.0

debian/debian_linux 8.0

debian/debian_linux 9.0

procps-ng_project/procps-ng < 3.3.15

Published May 23, 2018

Tracked Since Feb 18, 2026