Canonical Ubuntu Linux vulnerabilities

CVE-2019-9433 [MEDIUM] CWE-20 CVE-2019-9433: In libvpx, there is a possible information disclosure due to improper input validation. This could l In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354

CVE-2019-9371 [MEDIUM] CWE-20 CVE-2019-9371: In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254

CVE-2019-9325 [MEDIUM] CWE-125 CVE-2019-9325: In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302

CVE-2019-16869 [HIGH] CWE-444 CVE-2019-16869: Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfe Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.

CVE-2019-10092 [MEDIUM] CWE-79 CVE-2019-10092: In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that

CVE-2019-16884 [HIGH] CWE-863 CVE-2019-16884: runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor res runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.

CVE-2019-13627 [MEDIUM] CWE-203 CVE-2019-13627: It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Ver It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.

CVE-2017-18635 [MEDIUM] CWE-79 CVE-2017-18635: An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could injec An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.

CVE-2019-16746 [CRITICAL] CWE-120 CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not ch An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.

CVE-2019-16729 [HIGH] CVE-2019-16729: pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Pyt pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups.

CVE-2019-5094 [MEDIUM] CWE-787 CVE-2019-5094: An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45 An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.

CVE-2019-12068 [LOW] CWE-835 CVE-2019-12068: In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10 In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit af

CVE-2019-16714 [HIGH] CWE-909 CVE-2019-16714: In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain s In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.

CVE-2019-16708 [MEDIUM] CWE-401 CVE-2019-16708: ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.

CVE-2019-16711 [MEDIUM] CWE-401 CVE-2019-16711: ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.

CVE-2019-16710 [MEDIUM] CWE-401 CVE-2019-16710: ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in Ma ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.

CVE-2019-16709 [MEDIUM] CWE-401 CVE-2019-16709: ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.

CVE-2019-16713 [MEDIUM] CWE-401 CVE-2019-16713: ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/c ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.

CVE-2019-16680 [MEDIUM] CWE-22 CVE-2019-16680: An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.

CVE-2019-14814 [HIGH] CWE-122 CVE-2019-14814: There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marve There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.