CVE-2018-1121 -- linux-imageID: oval:org.secpod.oval:def:2000167 | Date: (C)2019-04-21 (M)2021-09-30 |
Class: VULNERABILITY | Family: unix |
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel"s proc_pid_readdir returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower PID, thus avoiding enumeration. An unprivileged attacker can hide a process from procps-ng"s utilities by exploiting a race condition in reading /proc/PID entries. This vulnerability affects procps and procps-ng up to version 3.3.15, newer versions might be affected also.
Platform: |
Debian 8.x |
Debian 9.x |
Product: |
linux-image-3.16 |
linux-image-4.9 |