Canonical Ubuntu Linux vulnerabilities

CVE-2019-14816 [HIGH] CWE-122 CVE-2019-14816: There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wif There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

CVE-2019-14821 [HIGH] CWE-787 CVE-2019-14821: An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Li An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process.

CVE-2019-11779 [MEDIUM] CWE-754 CVE-2019-11779: In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet c In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur.

CVE-2019-16378 [CRITICAL] CWE-290 CVE-2019-16378: OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability w OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message.

CVE-2019-16239 [CRITICAL] CWE-120 CVE-2019-16239: process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.

CVE-2019-14835 [HIGH] CWE-120 CVE-2019-14835: A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their pr

CVE-2019-16392 [MEDIUM] CWE-79 CVE-2019-16392: SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages. SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages.

CVE-2019-16394 [MEDIUM] CWE-203 CVE-2019-16394: SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers.

CVE-2019-16393 [MEDIUM] CWE-601 CVE-2019-16393: SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0 SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character.

CVE-2019-16391 [MEDIUM] CVE-2019-16391: SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published conten SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiser_action.php.

CVE-2019-15031 [MEDIUM] CWE-662 CVE-2019-15031: In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers o In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrup

CVE-2019-15030 [MEDIUM] CWE-862 CVE-2019-15030: In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers o In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector regi

CVE-2019-16275 [MEDIUM] CWE-346 CVE-2019-16275: hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the

CVE-2019-16236 [HIGH] CWE-862 CVE-2019-16236: Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala. Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.

CVE-2019-16237 [HIGH] CWE-346 CVE-2019-16237: Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_messa Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.

CVE-2019-16235 [HIGH] CWE-346 CVE-2019-16235: Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_me Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.

CVE-2019-16231 [MEDIUM] CWE-476 CVE-2019-16231: drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return va drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

CVE-2019-16233 [MEDIUM] CWE-476 CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return v drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

CVE-2019-16234 [MEDIUM] CWE-476 CVE-2019-16234: drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_ drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.

CVE-2019-16232 [MEDIUM] CWE-476 CVE-2019-16232: drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_ drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.