Canonical Ubuntu Linux vulnerabilities

4,102 known vulnerabilities affecting canonical/ubuntu_linux.

Total CVEs: 4,102
CISA KEV: 44 (actively exploited)
Public exploits: 271
Exploited in wild: 54
Severity breakdown: CRITICAL 545, HIGH 1396, MEDIUM 1945, LOW 216

Vulnerabilities

Page 46 of 206
CVE-2019-16229 | MEDIUM | CVSS 4.1 | v14.04, v16.04, +2 more | 2019-09-11
CVE-2019-16229 [MEDIUM] CWE-476: drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issue as not being serious enough to be deserving a CVE id
nvd
CVE-2019-16163 | HIGH | CVSS 7.5 | v14.04 | 2019-09-09
CVE-2019-16163 [HIGH] CWE-674: Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.
nvd
CVE-2019-16167 | MEDIUM | CVSS 5.5 | v16.04, v18.04, +2 more | 2019-09-09
CVE-2019-16167 [MEDIUM] CWE-190: sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.
nvd
CVE-2019-16168 | MEDIUM | CVSS 6.5 | v12.04, v16.04, +3 more | 2019-09-09
CVE-2019-16168 [MEDIUM] CWE-369: In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
nvd
CVE-2019-16092 | CRITICAL | CVSS 9.8 | v18.04 | 2019-09-08
CVE-2019-16092 [CRITICAL] CWE-476: Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.
nvd
CVE-2019-16093 | CRITICAL | CVSS 9.8 | v18.04 | 2019-09-08
CVE-2019-16093 [CRITICAL] CWE-787: Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
nvd
CVE-2019-16094 | HIGH | CVSS 7.5 | v18.04 | 2019-09-08
CVE-2019-16094 [HIGH] CWE-125: Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
nvd
CVE-2019-16091 | HIGH | CVSS 7.5 | v18.04 | 2019-09-08
CVE-2019-16091 [HIGH] CWE-125: Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.
nvd
CVE-2019-16095 | HIGH | CVSS 7.5 | v18.04 | 2019-09-08
CVE-2019-16095 [HIGH] CWE-125: Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.
nvd
CVE-2019-9854 | HIGH | CVSS 7.8 | v16.04, v18.04, +1 more | 2019-09-06
CVE-2019-9854 [HIGH]: LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a d
nvd
CVE-2019-16056 | HIGH | CVSS 7.5 | v12.04, v14.04, +3 more | 2019-09-06
CVE-2019-16056 [HIGH]: An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address t
nvd
CVE-2019-9453 | MEDIUM | CVSS 4.4 | v14.04, v16.04 | 2019-09-06
CVE-2019-9453 [MEDIUM] CWE-20: In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2019-9445 | MEDIUM | CVSS 4.4 | v14.04, v16.04, +1 more | 2019-09-06
CVE-2019-9445 [MEDIUM] CWE-125: In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2019-15926 | CRITICAL | CVSS 9.1 | v16.04, v18.04, +1 more | 2019-09-04
CVE-2019-15926 [CRITICAL] CWE-125: An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.
nvd
CVE-2019-15925 | HIGH | CVSS 7.8 | v18.04, v19.04 | 2019-09-04
CVE-2019-15925 [HIGH] CWE-125: An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c.
nvd
CVE-2019-15918 | HIGH | CVSS 7.8 | v14.04, v16.04, +1 more | 2019-09-04
CVE-2019-15918 [HIGH] CWE-125: An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.
nvd
CVE-2019-10197 | CRITICAL | CVSS 9.1 | v19.04 | 2019-09-03
CVE-2019-10197 [CRITICAL] CWE-22: A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.
nvd
CVE-2015-9383 | MEDIUM | CVSS 6.5 | v12.04, v14.04, +1 more | 2019-09-03
CVE-2015-9383 [MEDIUM] CWE-125: FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.
nvd
CVE-2019-15717 | CRITICAL | CVSS 9.8 | v19.04 | 2019-08-29
CVE-2019-15717 [CRITICAL] CWE-416: Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP.
nvd
CVE-2019-11476 | HIGH | CVSS 7.8 | v16.04, v18.04, +2 more | 2019-08-29
CVE-2019-11476 [HIGH] CWE-190: An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie process.
nvd