Canonical: >> Ubuntu Linux >> 18.10 Security Vulnerabilities
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVSS Score
9.8
EPSS Score
0.052
Published
2018-12-07
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVSS Score
9.8
EPSS Score
0.093
Published
2018-12-05
An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).
CVSS Score
4.7
EPSS Score
0.001
Published
2018-12-04
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero.
CVSS Score
5.5
EPSS Score
0.004
Published
2018-12-04
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
CVSS Score
5.5
EPSS Score
0.005
Published
2018-12-04
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-12-03
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
CVSS Score
8.8
EPSS Score
0.412
Published
2018-12-03
FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault).
CVSS Score
7.5
EPSS Score
0.02
Published
2018-11-29
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.
CVSS Score
9.8
EPSS Score
0.147
Published
2018-11-29
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
CVSS Score
9.8
EPSS Score
0.147
Published
2018-11-29