--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-30c3ca07eb
2023-08-21 00:57:49.823939
--------------------------------------------------------------------------------

Name        : procps-ng
Product     : Fedora 38
Version     : 3.3.17
Release     : 11.fc38
URL         : https://sourceforge.net/projects/procps-ng/
Summary     : System and process monitoring utilities
Description :
The procps package contains a set of system utilities that provide
system information. Procps includes ps, free, skill, pkill, pgrep,
snice, tload, top, uptime, vmstat, pidof, pmap, slabtop, w, watch,
pwdx and pidwait.
The ps command displays a snapshot of running processes. The top command
provides a repetitive update of the statuses of running processes.
The free command displays the amounts of free and used memory on your
system. The skill command sends a terminate command (or another
specified signal) to a specified set of processes. The snice
command is used to change the scheduling priority of specified
processes. The tload command prints a graph of the current system
load average to a specified tty. The uptime command displays the
current time, how long the system has been running, how many users
are logged on, and system load averages for the past one, five,
and fifteen minutes. The w command displays a list of the users
who are currently logged on and what they are running. The watch
program watches a running program. The vmstat command displays
virtual memory statistics about processes, memory, paging, block
I/O, traps, and CPU activity. The pwdx command reports the current
working directory of a process or processes. The pidwait command
waits for processes of specified names.

--------------------------------------------------------------------------------
Update Information:

Possible buffer overflow in 'ps' (CVE-2023-4016)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug 15 2023 Jan Rybar  - 3.3.17-11
- CVE-2023-4016: ps: possible buffer overflow
- Resolves: bz#2230186
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2230186 - CVE-2023-4016 procps-ng: procps: ps buffer overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2230186
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-30c3ca07eb' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam, report it: https://pagure.io/login/

Fedora 38: procps-ng 2023-30c3ca07eb

August 21, 2023
Possible buffer overflow in 'ps' (CVE-2023-4016)

Summary

The procps package contains a set of system utilities that provide

system information. Procps includes ps, free, skill, pkill, pgrep,

snice, tload, top, uptime, vmstat, pidof, pmap, slabtop, w, watch,

pwdx and pidwait.

The ps command displays a snapshot of running processes. The top command

provides a repetitive update of the statuses of running processes.

The free command displays the amounts of free and used memory on your

system. The skill command sends a terminate command (or another

specified signal) to a specified set of processes. The snice

command is used to change the scheduling priority of specified

processes. The tload command prints a graph of the current system

load average to a specified tty. The uptime command displays the

current time, how long the system has been running, how many users

are logged on, and system load averages for the past one, five,

and fifteen minutes. The w command displays a list of the users

who are currently logged on and what they are running. The watch

program watches a running program. The vmstat command displays

virtual memory statistics about processes, memory, paging, block

I/O, traps, and CPU activity. The pwdx command reports the current

working directory of a process or processes. The pidwait command

waits for processes of specified names.

Update Information:

Possible buffer overflow in 'ps' (CVE-2023-4016)

Change Log

* Tue Aug 15 2023 Jan Rybar - 3.3.17-11 - CVE-2023-4016: ps: possible buffer overflow - Resolves: bz#2230186

References

[ 1 ] Bug #2230186 - CVE-2023-4016 procps-ng: procps: ps buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2230186

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-30c3ca07eb' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : procps-ng
Product : Fedora 38
Version : 3.3.17
Release : 11.fc38
URL : https://sourceforge.net/projects/procps-ng/
Summary : System and process monitoring utilities

Related News

22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved