Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 6 of 6 results

CVE-2020-15570

Medium priority

Some fixes available 3 of 4

The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.

1 affected packages

whoopsie

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
whoopsie Fixed Fixed Fixed
Show less packages

CVE-2020-11937

Medium priority

Some fixes available 3 of 4

In whoopsie, parse_report() from whoopsie.c allows a local attacker to cause a denial of service via a crafted file. The DoS is caused by resource exhaustion due to a memory leak. Fixed in 0.2.52.5ubuntu0.5, 0.2.62ubuntu0.5 and...

1 affected packages

whoopsie

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
whoopsie Fixed Fixed Fixed
Show less packages

CVE-2020-12135

Medium priority

Some fixes available 12 of 26

bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input.

2 affected packages

duo-unix, whoopsie

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
duo-unix Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
whoopsie Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2012-0945

Medium priority
Not affected

whoopsie-daisy before 0.1.26: Root user can remove arbitrary files

1 affected packages

whoopsie-daisy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
whoopsie-daisy
Show less packages

CVE-2019-11484

Medium priority

Some fixes available 14 of 28

Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.

2 affected packages

duo-unix, whoopsie

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
duo-unix Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
whoopsie Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-11476

Medium priority
Fixed

An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash...

1 affected packages

whoopsie

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
whoopsie Fixed Fixed
Show less packages