CVE-2023-4016

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Aug 2, 2023

Updated: Dec 15, 2023

CWE ID 787

CWE ID 122

Summary

CVE-2023-4016 is a newly identified vulnerability that grants users with access to run the "ps" utility on a target machine the ability to write nearly unlimited, unfiltered data into the process heap. Under specific conditions, this weakness could result in a heap overflow, potentially leading to arbitrary code execution and security breaches. Although the "ps" utility is commonly used for monitoring system processes, its misuse in this context highlights the importance of strictly controlling user access to critical system functions. It is recommended that affected systems be patched as soon as possible to mitigate the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Fedora Operating System

Affected Vendors

Fedora Project

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners