Canonical Ubuntu Linux vulnerabilities

CVE-2020-13398 [HIGH] CWE-787 CVE-2020-13398: An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.

CVE-2020-13397 [MEDIUM] CWE-125 CVE-2020-13397: An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.

CVE-2020-10711 [MEDIUM] CWE-476 CVE-2020-10711: A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_p

CVE-2020-12397 [MEDIUM] CWE-346 CVE-2020-12397: By encoding Unicode whitespace characters within the From email header, an attacker can spoof the se By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0.

CVE-2020-13112 [CRITICAL] CVE-2020-13112: An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handli An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

CVE-2020-13113 [HIGH] CWE-908 CVE-2020-13113: An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote hand An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.

CVE-2020-6463 [HIGH] CWE-416 CVE-2020-6463: Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potenti Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-13114 [HIGH] CWE-770 CVE-2020-13114: An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerN An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.

CVE-2020-9484 [HIGH] CWE-502 CVE-2020-9484: When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7. When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassN

CVE-2020-12663 [HIGH] CWE-835 CVE-2020-12663: Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.

CVE-2020-12662 [HIGH] CWE-400 CVE-2020-12662: Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

CVE-2020-8617 [MEDIUM] CWE-617 CVE-2020-8617: Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an incon Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIN

CVE-2020-10724 [MEDIUM] CWE-190 CVE-2020-10724: A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing an information leak through an out-of-bounds memory read.

CVE-2020-10722 [MEDIUM] CWE-190 CVE-2020-10722: A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.

CVE-2020-10723 [MEDIUM] CWE-190 CVE-2020-10723: A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an inte A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption.

CVE-2020-13143 [MEDIUM] CWE-125 CVE-2020-13143: gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 r gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

CVE-2020-11524 [MEDIUM] CWE-787 CVE-2020-11524: libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Writ libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.

CVE-2020-12888 [MEDIUM] CWE-755 CVE-2020-12888: The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

CVE-2020-11523 [MEDIUM] CWE-190 CVE-2020-11523: libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.

CVE-2020-11522 [MEDIUM] CWE-125 CVE-2020-11522: libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.