CVE-2018-1123

LOW

procps-ng < 3.3.15 - Denial of Service via mmap Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2018-1123. PoCs published by Qualys Corporation, aravinddathd.

AI-analyzed exploit summary This is a Qualys Security Advisory detailing multiple vulnerabilities in procps-ng, including CVE-2018-1124, which involves an integer overflow in libprocps's file2strvec() function leading to local privilege escalation. The advisory includes descriptions of vulnerabilities, proof-of-concept code snippets, and technical details.

Description

procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service).

Exploits (2)

exploitdb WRITEUP
by Qualys Corporation · textlocallinux
https://www.exploit-db.com/exploits/44806

This is a Qualys Security Advisory detailing multiple vulnerabilities in procps-ng, including CVE-2018-1124, which involves an integer overflow in libprocps's file2strvec() function leading to local privilege escalation. The advisory includes descriptions of vulnerabilities, proof-of-concept code snippets, and technical details.

Classification
Writeup 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: procps-ng (libprocps)
No auth needed
Prerequisites: Access to a vulnerable system with procps-ng utilities · Ability to execute arbitrary code on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec STUB
by aravinddathd · poc
https://github.com/aravinddathd/CVE-2018-1123

The repository contains only README files with no actual exploit code. It references CVE-2018-11235 but is labeled as CVE-2018-1123, indicating a possible typo or mislabeling.

Classification
Stub 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: unknown
No auth needed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (14)

Core 14
Core References
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3658-1/
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2018/dsa-4208
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201805-14
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44806/
Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/05/msg00021.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3658-3/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/104214
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://seclists.org/oss-sec/2018/q2/122
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1123
Exploit, Third Party Advisory x_refsource_misc
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt

Scores

CVSS v3 3.9
EPSS 0.0908
EPSS Percentile 94.6%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-119 CWE-122
Status published
Products (9)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 17.10
canonical/ubuntu_linux 18.04
debian/debian_linux 7.0
debian/debian_linux 8.0
debian/debian_linux 9.0
procps-ng_project/procps-ng < 3.3.15
Published May 23, 2018
Tracked Since Feb 18, 2026