Canonical Ubuntu Linux vulnerabilities
4,102 known vulnerabilities affecting canonical/ubuntu_linux.
Total CVEs: 4,102
CISA KEV: 44 (actively exploited)
Public exploits: 271
Exploited in wild: 54
Severity breakdown: CRITICAL 545, HIGH 1396, MEDIUM 1945, LOW 216
Vulnerabilities
Page 60 of 206
CVE-2019-9638 | HIGH | CVSS 7.5 | CWE-125 | v12.04, v14.04, +3 more | 2019-03-09
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
nvd
CVE-2019-9637 | HIGH | CVSS 7.5 | CWE-264 | v12.04, v14.04, +3 more | 2019-03-09
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.
nvd
CVE-2019-9636 | CRITICAL | CVSS 9.8 | v12.04, v14.04, +3 more | 2019-03-08
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A sp
nvd
CVE-2019-7175 | HIGH | CVSS 7.5 | CWE-401 | v16.04, v18.04, +2 more | 2019-03-07
In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.
nvd
CVE-2019-3824 | MEDIUM | CVSS 6.5 | CWE-125 | v14.04, v16.04, +2 more | 2019-03-06
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service.
nvd
CVE-2019-6215 | HIGH | CVSS 8.8 | PoC | CWE-843 | v18.04, v18.10 | 2019-03-05
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-6212 | HIGH | CVSS 8.8 | CWE-787 | v18.04, v18.10 | 2019-03-05
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-9213 | MEDIUM | CVSS 5.5 | PoC | CWE-476 | v12.04, v14.04, +2 more | 2019-03-05
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
nvd
CVE-2018-12390 | CRITICAL | CVSS 9.8 | CWE-119 | v14.04, v16.04, +2 more | 2019-02-28
Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 6
nvd
CVE-2018-18498 | CRITICAL | CVSS 9.8 | CWE-190 | v14.04, v16.04, +2 more | 2019-02-28
A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
nvd
CVE-2018-12405 | CRITICAL | CVSS 9.8 | CWE-119 | v14.04, v16.04, +2 more | 2019-02-28
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox <
nvd
CVE-2018-12392 | CRITICAL | CVSS 9.8 | v14.04, v16.04, +2 more | 2019-02-28
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
nvd
CVE-2018-18493 | CRITICAL | CVSS 9.8 | CWE-119 | v14.04, v16.04, +2 more | 2019-02-28
A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
nvd
CVE-2018-12407 | CRITICAL | CVSS 9.8 | CWE-119 | v14.04, v16.04, +2 more | 2019-02-28
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox < 64.
nvd
CVE-2018-18492 | CRITICAL | CVSS 9.8 | CWE-416 | v14.04, v16.04, +2 more | 2019-02-28
A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
nvd
CVE-2018-12388 | HIGH | CVSS 8.8 | CWE-119 | v14.04, v16.04, +2 more | 2019-02-28
Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63.
nvd
CVE-2018-12406 | HIGH | CVSS 8.8 | CWE-119 | v14.04, v16.04, +2 more | 2019-02-28
Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 64.
nvd
CVE-2019-1999 | HIGH | CVSS 7.8 | PoC | CWE-415 | v19.04 | 2019-02-28
In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196.
nvd
CVE-2018-12395 | HIGH | CVSS 7.5 | v14.04, v16.04, +2 more | 2019-02-28
By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
nvd
CVE-2018-12389 | HIGH | CVSS 8.8 | CWE-119 | v14.04, v16.04, +2 more | 2019-02-28
Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.3 and Thunderbird < 60.3.
nvd