{ "document": { "aggregate_severity": { "text": "Medium" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/ubuntu16.04els/vex/2018/cve-2018-1121-els_os-ubuntu16_04els.json" } ], "tracking": { "current_release_date": "2026-04-24T11:43:17Z", "generator": { "date": "2026-04-24T11:43:17Z", "engine": { "name": "pyCSAF" } }, "id": "CVE-2018-1121-ELS_OS-UBUNTU16.04ELS", "initial_release_date": "2018-06-13T20:29:00Z", "revision_history": [ { "date": "2018-06-13T20:29:00Z", "number": "1", "summary": "Initial version" }, { "date": "2026-04-20T15:28:18Z", "number": "2", "summary": "Official Publication" }, { "date": "2026-04-24T11:43:17Z", "number": "3", "summary": "Update document" } ], "status": "final", "version": "3" }, "title": "Security update on CVE-2018-1121" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Ubuntu 16.04", "product": { "name": "Ubuntu 16.04", "product_id": "Ubuntu-16", "product_identification_helper": { "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" } } } ], "category": "product_family", "name": "Ubuntu" }, { "branches": [ { "category": "product_version", "name": "libprocps4-dev-2:3.3.10-4ubuntu2.5.amd64", "product": { "name": "libprocps4-dev-2:3.3.10-4ubuntu2.5.amd64", "product_id": "libprocps4-dev-2:3.3.10-4ubuntu2.5.amd64", "product_identification_helper": { "purl": "pkg:deb/ubuntu/libprocps4-dev@3.3.10-4ubuntu2.5?arch=amd64" } } }, { "category": "product_version", "name": "libprocps4-2:3.3.10-4ubuntu2.5.amd64", "product": { "name": "libprocps4-2:3.3.10-4ubuntu2.5.amd64", "product_id": "libprocps4-2:3.3.10-4ubuntu2.5.amd64", "product_identification_helper": { "purl": "pkg:deb/ubuntu/libprocps4@3.3.10-4ubuntu2.5?arch=amd64" } } }, { "category": "product_version", "name": "procps-2:3.3.10-4ubuntu2.5.amd64", "product": { "name": "procps-2:3.3.10-4ubuntu2.5.amd64", "product_id": "procps-2:3.3.10-4ubuntu2.5.amd64", "product_identification_helper": { "purl": "pkg:deb/ubuntu/procps@3.3.10-4ubuntu2.5?arch=amd64" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Canonical Ltd." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "product": { "name": "libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "product_id": "libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libprocps4-dev@3.3.10-4ubuntu2.5%2Btuxcare.els2?arch=amd64" } } }, { "category": "product_version", "name": "libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "product": { "name": "libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "product_id": "libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libprocps4-dev@3.3.10-4ubuntu2.5%2Btuxcare.els1?arch=amd64" } } }, { "category": "product_version", "name": "libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "product": { "name": "libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "product_id": "libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libprocps4@3.3.10-4ubuntu2.5%2Btuxcare.els2?arch=amd64" } } }, { "category": "product_version", "name": "libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "product": { "name": "libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "product_id": "libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/libprocps4@3.3.10-4ubuntu2.5%2Btuxcare.els1?arch=amd64" } } }, { "category": "product_version", "name": "procps-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "product": { "name": "procps-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "product_id": "procps-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/procps@3.3.10-4ubuntu2.5%2Btuxcare.els1?arch=amd64" } } }, { "category": "product_version", "name": "procps-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "product": { "name": "procps-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "product_id": "procps-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/procps@3.3.10-4ubuntu2.5%2Btuxcare.els2?arch=amd64" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "CloudLinux" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64" }, "product_reference": "libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64" }, "product_reference": "libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64" }, "product_reference": "libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64" }, "product_reference": "libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "procps-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64" }, "product_reference": "procps-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "procps-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64" }, "product_reference": "procps-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "libprocps4-dev-2:3.3.10-4ubuntu2.5.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5.amd64" }, "product_reference": "libprocps4-dev-2:3.3.10-4ubuntu2.5.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "libprocps4-2:3.3.10-4ubuntu2.5.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5.amd64" }, "product_reference": "libprocps4-2:3.3.10-4ubuntu2.5.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "procps-2:3.3.10-4ubuntu2.5.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5.amd64" }, "product_reference": "procps-2:3.3.10-4ubuntu2.5.amd64", "relates_to_product_reference": "Ubuntu-16" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-1121", "cwe": { "id": "CWE-367", "name": "Time-of-check Time-of-use (TOCTOU) Race Condition" }, "notes": [ { "category": "description", "text": "procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower PID, thus avoiding enumeration. An unprivileged attacker can hide a process from procps-ng's utilities by exploiting a race condition in reading /proc/PID entries. This vulnerability affects procps and procps-ng up to version 3.3.15, newer versions might be affected also.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "known_affected": [ "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5.amd64", "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5.amd64", "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2018-1121" }, { "category": "external", "summary": "http://seclists.org/oss-sec/2018/q2/122", "url": "http://seclists.org/oss-sec/2018/q2/122" }, { "category": "external", "summary": "http://www.securityfocus.com/bid/104214", "url": "http://www.securityfocus.com/bid/104214" }, { "category": "external", "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1121", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1121" }, { "category": "external", "summary": "https://www.exploit-db.com/exploits/44806/", "url": "https://www.exploit-db.com/exploits/44806/" }, { "category": "external", "summary": "https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt", "url": "https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt" } ], "release_date": "2018-06-13T20:29:00Z", "remediations": [ { "category": "no_fix_planned", "details": "CVE-2018-1121 is a local race condition in procps/procps‑ng that only enables a process to briefly evade userland listings (ps/top) while leaving the kernel, permissions, and security boundaries unchanged, and it provides no privilege escalation or remote vector. Exploitation requires the attacker to already be executing code on the host and to precisely win a narrow timing window using inotify/fork/exec, so the effect is transient visibility rather than compromise. In typical server/VM deployments, this translates to negligible impact on confidentiality and availability, making the issue reasonable to deprioritize.", "product_ids": [ "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5.amd64", "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5.amd64", "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5.amd64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "Ubuntu-16:libprocps4-2:3.3.10-4ubuntu2.5.amd64", "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "Ubuntu-16:libprocps4-dev-2:3.3.10-4ubuntu2.5.amd64", "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5+tuxcare.els1.amd64", "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5+tuxcare.els2.amd64", "Ubuntu-16:procps-2:3.3.10-4ubuntu2.5.amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] } ] }