Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2019-11476

An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie process.

Related bugs and status

CVE-2019-11476 (Candidate) is related to these bugs:

Bug #1830863: Integer overflow in parse_report (whoopsie.c:425)

Summary				In	Importance	Status
	1830863	Integer overflow in parse_report (whoopsie.c:425)		whoopsie (Ubuntu)	Undecided	Fix Released
	1830863	Integer overflow in parse_report (whoopsie.c:425)		Whoopsie	Undecided	New

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugs.launchpad...
MISC: https://usn.ubuntu.com...
MISC: http://packetstormsecu...