cbcvebase.
CVE-2023-4016
published 2023-08-02

CVE-2023-4016: Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of…

PriorityP412low3.3CVSS 3.1
AVLACLPRLUINSUCNINAL
EPSS
0.24%
14.8th percentile
Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianprocps< procps 2:4.0.4-1 (forky)procps 2:4.0.4-1 (forky)
fedoraprojectfedora
linuxlinux_kernal
procps_projectprocps>= 0 < 2:4.0.4-12:4.0.4-1
procps_projectprocps>= 0 < 2:4.0.4-12:4.0.4-1
procps_projectprocps3.3.0 – 4.0.3

CVSS provenance

nvdv3.13.3LOWCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
osv3.3LOW
vendor_oracle3.3LOW
vendor_debian2.5LOW
vendor_redhat2.5LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.