Wind River Support Network

HomeDefectsLIN10-3980
Not to be fixed

LIN10-3980 : Security Advisory - linux - CVE-2018-1121

Created: May 24, 2018    Updated: Oct 19, 2018
Resolved Date: Sep 3, 2018
Found In Version: 10.17.41.7
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Kernel

Description

An unprivileged attacker can hide a process from procps-ng's utilities, by exploiting either a denial of service (a rather noisy method) or a race condition inherent in reading /proc/PID entries (a stealthier method).

https://security.archlinux.org/CVE-2018-1121
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube