--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-30c3ca07eb
2023-08-21 00:57:49.823939
--------------------------------------------------------------------------------

Name        : procps-ng
Product     : Fedora 38
Version     : 3.3.17
Release     : 11.fc38
URL         : https://sourceforge.net/projects/procps-ng/
Summary     : System and process monitoring utilities
Description :
The procps package contains a set of system utilities that provide
system information. Procps includes ps, free, skill, pkill, pgrep,
snice, tload, top, uptime, vmstat, pidof, pmap, slabtop, w, watch,
pwdx and pidwait.
The ps command displays a snapshot of running processes. The top command
provides a repetitive update of the statuses of running processes.
The free command displays the amounts of free and used memory on your
system. The skill command sends a terminate command (or another
specified signal) to a specified set of processes. The snice
command is used to change the scheduling priority of specified
processes. The tload command prints a graph of the current system
load average to a specified tty. The uptime command displays the
current time, how long the system has been running, how many users
are logged on, and system load averages for the past one, five,
and fifteen minutes. The w command displays a list of the users
who are currently logged on and what they are running. The watch
program watches a running program. The vmstat command displays
virtual memory statistics about processes, memory, paging, block
I/O, traps, and CPU activity. The pwdx command reports the current
working directory of a process or processes. The pidwait command
waits for processes of specified names.

--------------------------------------------------------------------------------
Update Information:

Possible buffer overflow in 'ps' (CVE-2023-4016)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug 15 2023 Jan Rybar  - 3.3.17-11
- CVE-2023-4016: ps: possible buffer overflow
- Resolves: bz#2230186
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2230186 - CVE-2023-4016 procps-ng: procps: ps buffer overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2230186
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-30c3ca07eb' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/login/

Fedora 38: procps-ng 2023-30c3ca07eb

August 21, 2023
Possible buffer overflow in 'ps' (CVE-2023-4016)

Summary

The procps package contains a set of system utilities that provide

system information. Procps includes ps, free, skill, pkill, pgrep,

snice, tload, top, uptime, vmstat, pidof, pmap, slabtop, w, watch,

pwdx and pidwait.

The ps command displays a snapshot of running processes. The top command

provides a repetitive update of the statuses of running processes.

The free command displays the amounts of free and used memory on your

system. The skill command sends a terminate command (or another

specified signal) to a specified set of processes. The snice

command is used to change the scheduling priority of specified

processes. The tload command prints a graph of the current system

load average to a specified tty. The uptime command displays the

current time, how long the system has been running, how many users

are logged on, and system load averages for the past one, five,

and fifteen minutes. The w command displays a list of the users

who are currently logged on and what they are running. The watch

program watches a running program. The vmstat command displays

virtual memory statistics about processes, memory, paging, block

I/O, traps, and CPU activity. The pwdx command reports the current

working directory of a process or processes. The pidwait command

waits for processes of specified names.

Update Information:

Possible buffer overflow in 'ps' (CVE-2023-4016)

Change Log

* Tue Aug 15 2023 Jan Rybar - 3.3.17-11 - CVE-2023-4016: ps: possible buffer overflow - Resolves: bz#2230186

References

[ 1 ] Bug #2230186 - CVE-2023-4016 procps-ng: procps: ps buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2230186

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-30c3ca07eb' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : procps-ng
Product : Fedora 38
Version : 3.3.17
Release : 11.fc38
URL : https://sourceforge.net/projects/procps-ng/
Summary : System and process monitoring utilities

Related News

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo