CVE-2019-11476

An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie process.

Published : 2019-08-29 15:15 Updated : 2019-10-09 23:45

4.6
CVSS Score More info
Score 4.6 / 10
4.6
Vendor Product Version URI
Canonical Ubuntu Linux 16.04 cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
Canonical Ubuntu Linux 18.04 cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~
Canonical Ubuntu Linux 18.10 cpe:/o:canonical:ubuntu_linux:18.10
Canonical Ubuntu Linux 19.04 cpe:/o:canonical:ubuntu_linux:19.04
  1. Canonical (1) Search CVE
    1. Ubuntu Linux (4) Search CVE
      1. 16.04
      2. 18.04
      3. 18.10
      4. 19.04

CWE

ID Name Description Links
CWE-190 Integer Overflow or Wraparound The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. CVE

History of changes

Date Event
2019-09-04 01:21
2019-08-29 15:15

New CVE