CVE-2019-11476 - OpenCVE

An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie process.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux

Configuration 1 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/172858/Ubuntu-Apport-Whoopsie-DoS-Integer-Overflow.html
https://bugs.launchpad.net/ubuntu/%2Bsource/whoopsie/%2Bbug/1830863
https://usn.ubuntu.com/4052-1/

History

No history.

MITRE

Status: PUBLISHED

Assigner: canonical

Published: 2019-08-29T14:38:46.242464Z

Updated: 2024-09-16T19:15:47.644Z

Reserved: 2019-04-23T00:00:00

Link: CVE-2019-11476

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-08-29T15:15:10.950

Modified: 2023-06-12T07:15:11.240

Link: CVE-2019-11476

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2019-11476", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "dateUpdated": "2024-09-16T19:15:47.644Z", "dateReserved": "2019-04-23T00:00:00", "datePublished": "2019-08-29T14:38:46.242464Z"}, "containers": {"cna": {"title": "Integer overflow in whoopsie results in out-of-bounds heap write", "datePublic": "2019-07-09T00:00:00", "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2023-06-12T00:00:00"}, "descriptions": [{"lang": "en", "value": "An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie process."}], "affected": [{"vendor": "Ubuntu", "product": "Whoopsie", "versions": [{"version": "before 0.2.52.5ubuntu0.1", "status": "affected"}, {"version": "before 0.2.62ubuntu0.1", "status": "affected"}, {"version": "before 0.2.64ubuntu0.1", "status": "affected"}, {"version": "before 0.2.66", "status": "affected"}]}], "references": [{"url": "https://usn.ubuntu.com/4052-1/"}, {"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/whoopsie/%2Bbug/1830863"}, {"url": "http://packetstormsecurity.com/files/172858/Ubuntu-Apport-Whoopsie-DoS-Integer-Overflow.html"}], "credits": [{"lang": "en", "value": "Kevin Backhouse of Semmle Security Research Team"}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-190 Integer Overflow or Wraparound", "cweId": "CWE-190"}]}], "x_generator": {"engine": "Vulnogram 0.0.7"}, "source": {"advisory": "https://usn.ubuntu.com/usn/usn-4052-1", "defect": ["https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1830863"], "discovery": "EXTERNAL"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T22:55:40.210Z"}, "title": "CVE Program Container", "references": [{"url": "https://usn.ubuntu.com/4052-1/", "tags": ["x_transferred"]}, {"url": "https://bugs.launchpad.net/ubuntu/%2Bsource/whoopsie/%2Bbug/1830863", "tags": ["x_transferred"]}, {"url": "http://packetstormsecurity.com/files/172858/Ubuntu-Apport-Whoopsie-DoS-Integer-Overflow.html", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie process."}, {"lang": "es", "value": "Un desbordamiento de enteros en whoopsie versiones anteriores a 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, lo que resulta en una escritura fuera de l\u00edmites en un b\u00fafer asignado de la pila cuando se procesan volcados por bloqueos largos. Esto resulta en un bloqueo o una posible ejecuci\u00f3n de c\u00f3digo en el contexto del proceso de whoopsie."}], "id": "CVE-2019-11476", "lastModified": "2023-06-12T07:15:11.240", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2019-08-29T15:15:10.950", "references": [{"source": "security@ubuntu.com", "url": "http://packetstormsecurity.com/files/172858/Ubuntu-Apport-Whoopsie-DoS-Integer-Overflow.html"}, {"source": "security@ubuntu.com", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugs.launchpad.net/ubuntu/%2Bsource/whoopsie/%2Bbug/1830863"}, {"source": "security@ubuntu.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://usn.ubuntu.com/4052-1/"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-190"}], "source": "security@ubuntu.com", "type": "Secondary"}]}