CVE-2023-4016: ps buffer overflow
NIST has published CVE-2023-4016 with the following description:
"Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap."
There is only one reference to the procps
project without any patch or code details.
- Are you aware of this issue and is it valid?
- Could you reference a commit that fixes the problem?
References: https://nvd.nist.gov/vuln/detail/CVE-2023-4016 https://gitlab.com/procps-ng/procps