Published: 06/08/2020 Updated: 13/09/2021

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

In whoopsie, parse_report() from whoopsie.c allows a local malicious user to cause a denial of service via a crafted file. The DoS is caused by resource exhaustion due to a memory leak. Fixed in 0.2.52.5ubuntu0.5, 0.2.62ubuntu0.5 and 0.2.69ubuntu0.1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
canonical whoopsie 0.2.66
canonical whoopsie 0.2.67
canonical whoopsie 0.2.68
canonical whoopsie 0.2.69
canonical whoopsie 0.2.49
canonical whoopsie 0.2.50
canonical whoopsie 0.2.51
canonical whoopsie 0.2.52
canonical whoopsie 0.2.52.1
canonical whoopsie 0.2.52.2
canonical whoopsie 0.2.52.3
canonical whoopsie 0.2.52.4
canonical whoopsie 0.2.52.5
canonical whoopsie 0.2.52.5ubuntu0.1
canonical whoopsie 0.2.52.5ubuntu0.2
canonical whoopsie 0.2.52.5ubuntu0.3
canonical whoopsie 0.2.52.5ubuntu0.4
canonical whoopsie 0.2.58
canonical whoopsie 0.2.59
canonical whoopsie 0.2.59build1
canonical whoopsie 0.2.60
canonical whoopsie 0.2.61
canonical whoopsie 0.2.62
canonical whoopsie 0.2.62ubuntu0.1
canonical whoopsie 0.2.62ubuntu0.2
canonical whoopsie 0.2.62ubuntu0.3
canonical whoopsie 0.2.62ubuntu0.4

CWE-401 https://launchpad.net/bugs/1881982 https://github.com/sungjungk/whoopsie_killer https://usn.ubuntu.com/4450-1 https://usn.ubuntu.com/4450-1/https://nvd.nist.gov

CVE-2020-11937

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect