Canonical: >> Ubuntu Linux >> 19.04 Security Vulnerabilities
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.021
Published
2017-10-11
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.
CVSS Score
6.7
EPSS Score
0.001
Published
2017-06-09
Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.
CVSS Score
9.8
EPSS Score
0.019
Published
2017-01-13
Page 39