procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Procps-ng | Procps-ng_project | * | 3.3.15 (excluding) |
| Procps | Ubuntu | artful | * |
| Procps | Ubuntu | bionic | * |
| Procps | Ubuntu | devel | * |
| Procps | Ubuntu | trusty | * |
| Procps | Ubuntu | upstream | * |
| Procps | Ubuntu | xenial | * |
| Red Hat Ansible Tower 3.4 for RHEL 7 | RedHat | ansible-tower-34/ansible-tower-memcached:1.4.15-28 | * |
| Red Hat Ansible Tower 3.4 for RHEL 7 | RedHat | ansible-tower-35/ansible-tower-memcached:1.4.15-28 | * |
| Red Hat Ansible Tower 3.4 for RHEL 7 | RedHat | ansible-tower-37/ansible-tower-memcached-rhel7:1.4.15-28 | * |
| Red Hat Enterprise Linux 7 | RedHat | procps-ng-0:3.3.10-26.el7 | * |
| Red Hat Enterprise Linux 7.4 Advanced Update Support | RedHat | procps-ng-0:3.3.10-16.el7_4.2 | * |
| Red Hat Enterprise Linux 7.4 Telco Extended Update Support | RedHat | procps-ng-0:3.3.10-16.el7_4.2 | * |
| Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions | RedHat | procps-ng-0:3.3.10-16.el7_4.2 | * |
| Red Hat Enterprise Linux 7.5 Extended Update Support | RedHat | procps-ng-0:3.3.10-17.el7_5.4 | * |
| Red Hat Enterprise Linux 7.6 Extended Update Support | RedHat | procps-ng-0:3.3.10-23.el7_6.2 | * |