Acknowledged
Created: May 24, 2018
Updated: Aug 28, 2018
Found In Version: 6.0.0.36
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Kernel
An attacker can block any read() access to /proc/PID/cmdline by mmap()ing a FUSE file (Filesystem in Userspace) onto this process's command-line arguments. The attacker can therefore block pgrep, pidof, pkill, ps, and w, either forever (a denial of service), or for some controlled time (a synchronization tool for exploiting other vulnerabilities).
https://security.archlinux.org/CVE-2018-1120
https://www.securityfocus.com/bid/104229/discuss
https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
