Red Hat Product Errata RHSA-2020:1464 - Security Advisory
Issued:
2020-04-14
Updated:
2020-04-14

RHSA-2020:1464 - Security Advisory

Synopsis

Moderate: procps-ng security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for procps-ng is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx.

Security Fix(es):

  • procps-ng, procps: Local privilege escalation in top (CVE-2018-1122)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 7.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 7.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 7 aarch64
  • Red Hat Enterprise Linux for Power 9 7 ppc64le
  • Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6 x86_64
  • Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

  • BZ - 1575466 - CVE-2018-1122 procps-ng, procps: Local privilege escalation in top

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
x86_64
procps-ng-3.3.10-23.el7_6.2.i686.rpm SHA-256: 4b35b551d2be33b61b2d114ac0983811f4f7c50a767599a69a99c15c1e8f4d8e
procps-ng-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 233d739565283e1fe2b9bd0358e2769fb047827d6b9b9971add772c8f0cd504a
procps-ng-debuginfo-3.3.10-23.el7_6.2.i686.rpm SHA-256: aee986229e37c0a7d697662b9329457edd31a37522c274db40f95b96dca1d122
procps-ng-debuginfo-3.3.10-23.el7_6.2.i686.rpm SHA-256: aee986229e37c0a7d697662b9329457edd31a37522c274db40f95b96dca1d122
procps-ng-debuginfo-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 6df6cb29ce6ac78ef0f791cd0f020d746ef2aa60275f2aa263663c70872537cd
procps-ng-debuginfo-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 6df6cb29ce6ac78ef0f791cd0f020d746ef2aa60275f2aa263663c70872537cd
procps-ng-devel-3.3.10-23.el7_6.2.i686.rpm SHA-256: 402290e00b5ec092ff9d6ef62c79355004611f40b9fa96d063bf9647aa05f8fc
procps-ng-devel-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 34448d1a0e566be39f7fb8ac86a75ac9ba0f2ce64f45223a0907d0b9ecfad24b
procps-ng-i18n-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 283ae1e11289cc5dd06c8cf0af557015eff5be0823556e04f1260c8c87c63044

Red Hat Enterprise Linux Server - AUS 7.6

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
x86_64
procps-ng-3.3.10-23.el7_6.2.i686.rpm SHA-256: 4b35b551d2be33b61b2d114ac0983811f4f7c50a767599a69a99c15c1e8f4d8e
procps-ng-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 233d739565283e1fe2b9bd0358e2769fb047827d6b9b9971add772c8f0cd504a
procps-ng-debuginfo-3.3.10-23.el7_6.2.i686.rpm SHA-256: aee986229e37c0a7d697662b9329457edd31a37522c274db40f95b96dca1d122
procps-ng-debuginfo-3.3.10-23.el7_6.2.i686.rpm SHA-256: aee986229e37c0a7d697662b9329457edd31a37522c274db40f95b96dca1d122
procps-ng-debuginfo-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 6df6cb29ce6ac78ef0f791cd0f020d746ef2aa60275f2aa263663c70872537cd
procps-ng-debuginfo-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 6df6cb29ce6ac78ef0f791cd0f020d746ef2aa60275f2aa263663c70872537cd
procps-ng-devel-3.3.10-23.el7_6.2.i686.rpm SHA-256: 402290e00b5ec092ff9d6ef62c79355004611f40b9fa96d063bf9647aa05f8fc
procps-ng-devel-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 34448d1a0e566be39f7fb8ac86a75ac9ba0f2ce64f45223a0907d0b9ecfad24b
procps-ng-i18n-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 283ae1e11289cc5dd06c8cf0af557015eff5be0823556e04f1260c8c87c63044

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
s390x
procps-ng-3.3.10-23.el7_6.2.s390.rpm SHA-256: 0967c464256f9adb64c7b92093f1bc9745f026cdb8d504a4d062c9b89132c5a2
procps-ng-3.3.10-23.el7_6.2.s390x.rpm SHA-256: c7630c69dfe0b8a3b3a5160ba3c376f4039a35a9e58b5ff9569dd9098a42aad4
procps-ng-debuginfo-3.3.10-23.el7_6.2.s390.rpm SHA-256: e9909adbe46a34292491faf9c3befdcf83d4757736ed6db1b0e1abbba6a45c55
procps-ng-debuginfo-3.3.10-23.el7_6.2.s390.rpm SHA-256: e9909adbe46a34292491faf9c3befdcf83d4757736ed6db1b0e1abbba6a45c55
procps-ng-debuginfo-3.3.10-23.el7_6.2.s390x.rpm SHA-256: 472fbfef23c1a34d4d87368738db820503c709f5759532552d8399a98b0e0784
procps-ng-debuginfo-3.3.10-23.el7_6.2.s390x.rpm SHA-256: 472fbfef23c1a34d4d87368738db820503c709f5759532552d8399a98b0e0784
procps-ng-devel-3.3.10-23.el7_6.2.s390.rpm SHA-256: 5a4e4b012794a6bd30b018cab40265e16fec003056e0f83dbcfb177c773937b6
procps-ng-devel-3.3.10-23.el7_6.2.s390x.rpm SHA-256: 5c1723becfd5526adf071259823d3982ddb824919c1a73611328882a3089918b
procps-ng-i18n-3.3.10-23.el7_6.2.s390x.rpm SHA-256: b831fdca43afc0cc85c7fe636bf9093607f220c0d95cb07055e53264051b515e

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
ppc64
procps-ng-3.3.10-23.el7_6.2.ppc.rpm SHA-256: 7afa15825ba205ec888cd8400f72e27a2f3889f0125ef672063a57834b8615a2
procps-ng-3.3.10-23.el7_6.2.ppc64.rpm SHA-256: 64147eaee0e7a84decbc866be729386f2bdd529b48fcc6fc095a28dae352a1d7
procps-ng-debuginfo-3.3.10-23.el7_6.2.ppc.rpm SHA-256: 8ff37f18a1f9a92a84a519777e90f146efbb59e16324e2788448d5035ab84907
procps-ng-debuginfo-3.3.10-23.el7_6.2.ppc.rpm SHA-256: 8ff37f18a1f9a92a84a519777e90f146efbb59e16324e2788448d5035ab84907
procps-ng-debuginfo-3.3.10-23.el7_6.2.ppc64.rpm SHA-256: 341be1f39d5fd1f9ec892b9bd8902aa7c8b0aea94e75965a4eae107f861ddbd9
procps-ng-debuginfo-3.3.10-23.el7_6.2.ppc64.rpm SHA-256: 341be1f39d5fd1f9ec892b9bd8902aa7c8b0aea94e75965a4eae107f861ddbd9
procps-ng-devel-3.3.10-23.el7_6.2.ppc.rpm SHA-256: f9b0c75cf52add48af073e7431b71b4b8d207939c994d85433fe42a02e6a9845
procps-ng-devel-3.3.10-23.el7_6.2.ppc64.rpm SHA-256: 6fb70f21b7ffe8226d021c0bd7245a61285d571dbff0dee69d8bd0544a00b23a
procps-ng-i18n-3.3.10-23.el7_6.2.ppc64.rpm SHA-256: 3a6b167cd78f5b308c3219d81c2e7c0b45b888a573f0c001b5b7cd716f481e9c

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
ppc64le
procps-ng-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 6225a167d2ae4cf68e2a13c4e1ae986b5029dd0529e42b24f09f1a850989bd85
procps-ng-debuginfo-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 4e061a8237f83516fc8e9fbcaf719da5ec417cfd6016af755460f0f71bca17e0
procps-ng-debuginfo-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 4e061a8237f83516fc8e9fbcaf719da5ec417cfd6016af755460f0f71bca17e0
procps-ng-devel-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: fbae34cae0a9368104c477cf7ec456cef822bba3a145e4d2c55f4821008c9baa
procps-ng-i18n-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 0f3cb1ab7b12c207715a2bcd34661f142b7930c60bd9921283534ba01a39ffb8

Red Hat Enterprise Linux Server - TUS 7.6

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
x86_64
procps-ng-3.3.10-23.el7_6.2.i686.rpm SHA-256: 4b35b551d2be33b61b2d114ac0983811f4f7c50a767599a69a99c15c1e8f4d8e
procps-ng-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 233d739565283e1fe2b9bd0358e2769fb047827d6b9b9971add772c8f0cd504a
procps-ng-debuginfo-3.3.10-23.el7_6.2.i686.rpm SHA-256: aee986229e37c0a7d697662b9329457edd31a37522c274db40f95b96dca1d122
procps-ng-debuginfo-3.3.10-23.el7_6.2.i686.rpm SHA-256: aee986229e37c0a7d697662b9329457edd31a37522c274db40f95b96dca1d122
procps-ng-debuginfo-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 6df6cb29ce6ac78ef0f791cd0f020d746ef2aa60275f2aa263663c70872537cd
procps-ng-debuginfo-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 6df6cb29ce6ac78ef0f791cd0f020d746ef2aa60275f2aa263663c70872537cd
procps-ng-devel-3.3.10-23.el7_6.2.i686.rpm SHA-256: 402290e00b5ec092ff9d6ef62c79355004611f40b9fa96d063bf9647aa05f8fc
procps-ng-devel-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 34448d1a0e566be39f7fb8ac86a75ac9ba0f2ce64f45223a0907d0b9ecfad24b
procps-ng-i18n-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 283ae1e11289cc5dd06c8cf0af557015eff5be0823556e04f1260c8c87c63044

Red Hat Enterprise Linux for ARM 64 7

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
aarch64
procps-ng-3.3.10-23.el7_6.2.aarch64.rpm SHA-256: 4be6cf4fed7ffea4ae884f727addc2497bbf430b9a507c48ead0040ccdf7e43c
procps-ng-debuginfo-3.3.10-23.el7_6.2.aarch64.rpm SHA-256: 0e724052dd95753aa50638be501ee841dc50b61c512b5372f10d2e3fae13905e
procps-ng-debuginfo-3.3.10-23.el7_6.2.aarch64.rpm SHA-256: 0e724052dd95753aa50638be501ee841dc50b61c512b5372f10d2e3fae13905e
procps-ng-devel-3.3.10-23.el7_6.2.aarch64.rpm SHA-256: 058c0594d83450086813bfc575309a6329791d8b9801d73e94ab99addcf8102e
procps-ng-i18n-3.3.10-23.el7_6.2.aarch64.rpm SHA-256: 25598ddb629d7179a3cd0c98063b81f17d5c27ae7f997a1d8594ec3db41aa71a

Red Hat Enterprise Linux for Power 9 7

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
ppc64le
procps-ng-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 6225a167d2ae4cf68e2a13c4e1ae986b5029dd0529e42b24f09f1a850989bd85
procps-ng-debuginfo-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 4e061a8237f83516fc8e9fbcaf719da5ec417cfd6016af755460f0f71bca17e0
procps-ng-debuginfo-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 4e061a8237f83516fc8e9fbcaf719da5ec417cfd6016af755460f0f71bca17e0
procps-ng-devel-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: fbae34cae0a9368104c477cf7ec456cef822bba3a145e4d2c55f4821008c9baa
procps-ng-i18n-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 0f3cb1ab7b12c207715a2bcd34661f142b7930c60bd9921283534ba01a39ffb8

Red Hat Enterprise Linux EUS Compute Node 7.6

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
x86_64
procps-ng-3.3.10-23.el7_6.2.i686.rpm SHA-256: 4b35b551d2be33b61b2d114ac0983811f4f7c50a767599a69a99c15c1e8f4d8e
procps-ng-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 233d739565283e1fe2b9bd0358e2769fb047827d6b9b9971add772c8f0cd504a
procps-ng-debuginfo-3.3.10-23.el7_6.2.i686.rpm SHA-256: aee986229e37c0a7d697662b9329457edd31a37522c274db40f95b96dca1d122
procps-ng-debuginfo-3.3.10-23.el7_6.2.i686.rpm SHA-256: aee986229e37c0a7d697662b9329457edd31a37522c274db40f95b96dca1d122
procps-ng-debuginfo-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 6df6cb29ce6ac78ef0f791cd0f020d746ef2aa60275f2aa263663c70872537cd
procps-ng-debuginfo-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 6df6cb29ce6ac78ef0f791cd0f020d746ef2aa60275f2aa263663c70872537cd
procps-ng-devel-3.3.10-23.el7_6.2.i686.rpm SHA-256: 402290e00b5ec092ff9d6ef62c79355004611f40b9fa96d063bf9647aa05f8fc
procps-ng-devel-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 34448d1a0e566be39f7fb8ac86a75ac9ba0f2ce64f45223a0907d0b9ecfad24b
procps-ng-i18n-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 283ae1e11289cc5dd06c8cf0af557015eff5be0823556e04f1260c8c87c63044

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.6

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
ppc64le
procps-ng-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 6225a167d2ae4cf68e2a13c4e1ae986b5029dd0529e42b24f09f1a850989bd85
procps-ng-debuginfo-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 4e061a8237f83516fc8e9fbcaf719da5ec417cfd6016af755460f0f71bca17e0
procps-ng-debuginfo-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 4e061a8237f83516fc8e9fbcaf719da5ec417cfd6016af755460f0f71bca17e0
procps-ng-devel-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: fbae34cae0a9368104c477cf7ec456cef822bba3a145e4d2c55f4821008c9baa
procps-ng-i18n-3.3.10-23.el7_6.2.ppc64le.rpm SHA-256: 0f3cb1ab7b12c207715a2bcd34661f142b7930c60bd9921283534ba01a39ffb8

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
x86_64
procps-ng-3.3.10-23.el7_6.2.i686.rpm SHA-256: 4b35b551d2be33b61b2d114ac0983811f4f7c50a767599a69a99c15c1e8f4d8e
procps-ng-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 233d739565283e1fe2b9bd0358e2769fb047827d6b9b9971add772c8f0cd504a
procps-ng-debuginfo-3.3.10-23.el7_6.2.i686.rpm SHA-256: aee986229e37c0a7d697662b9329457edd31a37522c274db40f95b96dca1d122
procps-ng-debuginfo-3.3.10-23.el7_6.2.i686.rpm SHA-256: aee986229e37c0a7d697662b9329457edd31a37522c274db40f95b96dca1d122
procps-ng-debuginfo-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 6df6cb29ce6ac78ef0f791cd0f020d746ef2aa60275f2aa263663c70872537cd
procps-ng-debuginfo-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 6df6cb29ce6ac78ef0f791cd0f020d746ef2aa60275f2aa263663c70872537cd
procps-ng-devel-3.3.10-23.el7_6.2.i686.rpm SHA-256: 402290e00b5ec092ff9d6ef62c79355004611f40b9fa96d063bf9647aa05f8fc
procps-ng-devel-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 34448d1a0e566be39f7fb8ac86a75ac9ba0f2ce64f45223a0907d0b9ecfad24b
procps-ng-i18n-3.3.10-23.el7_6.2.x86_64.rpm SHA-256: 283ae1e11289cc5dd06c8cf0af557015eff5be0823556e04f1260c8c87c63044

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
procps-ng-3.3.10-23.el7_6.2.src.rpm SHA-256: 82e0f335ef5d8d61d553d0846648da9479f8260d925bc676a7f7cfaee22f51db
s390x
procps-ng-3.3.10-23.el7_6.2.s390.rpm SHA-256: 0967c464256f9adb64c7b92093f1bc9745f026cdb8d504a4d062c9b89132c5a2
procps-ng-3.3.10-23.el7_6.2.s390x.rpm SHA-256: c7630c69dfe0b8a3b3a5160ba3c376f4039a35a9e58b5ff9569dd9098a42aad4
procps-ng-debuginfo-3.3.10-23.el7_6.2.s390.rpm SHA-256: e9909adbe46a34292491faf9c3befdcf83d4757736ed6db1b0e1abbba6a45c55
procps-ng-debuginfo-3.3.10-23.el7_6.2.s390.rpm SHA-256: e9909adbe46a34292491faf9c3befdcf83d4757736ed6db1b0e1abbba6a45c55
procps-ng-debuginfo-3.3.10-23.el7_6.2.s390x.rpm SHA-256: 472fbfef23c1a34d4d87368738db820503c709f5759532552d8399a98b0e0784
procps-ng-debuginfo-3.3.10-23.el7_6.2.s390x.rpm SHA-256: 472fbfef23c1a34d4d87368738db820503c709f5759532552d8399a98b0e0784
procps-ng-devel-3.3.10-23.el7_6.2.s390.rpm SHA-256: 5a4e4b012794a6bd30b018cab40265e16fec003056e0f83dbcfb177c773937b6
procps-ng-devel-3.3.10-23.el7_6.2.s390x.rpm SHA-256: 5c1723becfd5526adf071259823d3982ddb824919c1a73611328882a3089918b
procps-ng-i18n-3.3.10-23.el7_6.2.s390x.rpm SHA-256: b831fdca43afc0cc85c7fe636bf9093607f220c0d95cb07055e53264051b515e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.