Integer overflow in bson_ensure_space
CVE-2019-11484

6.3MEDIUM

Key Information:

Vendor: Canonical
Status: Whoopsie
Vendor: CVE Published:; 8 February 2020

Summary

Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.

Affected Version(s)

whoopsie 0.2.52.5 < 0.2.52.5ubuntu0.2

whoopsie 0.2.62 < 0.2.62ubuntu0.2

whoopsie 0.2.66 < 0.2.66ubuntu0.1

References

https://usn.ubuntu.com/usn/usn-4170-1

https://usn.ubuntu.com/usn/usn-4170-2

http://packetstormsecurity.com/files/172858/Ubuntu-Apport...

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 8, 2020
Vulnerability Reserved
Apr 23, 2019

Credit

Kevin Backhouse

.