CVE 2020-15570
The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.
Related bugs and status
CVE-2020-15570 (Candidate) is related to these bugs:
Bug #1872560: integer overflow in whoopsie 0.2.69
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1872560 | integer overflow in whoopsie 0.2.69 | whoopsie (Ubuntu) | High | Fix Released | ||
1872560 | integer overflow in whoopsie 0.2.69 | whoopsie (Ubuntu Focal) | High | Fix Released | ||
1872560 | integer overflow in whoopsie 0.2.69 | whoopsie (Ubuntu Xenial) | High | Fix Released | ||
1872560 | integer overflow in whoopsie 0.2.69 | whoopsie (Ubuntu Groovy) | High | Fix Released | ||
1872560 | integer overflow in whoopsie 0.2.69 | whoopsie (Ubuntu Bionic) | High | Fix Released | ||
1872560 | integer overflow in whoopsie 0.2.69 | whoopsie (Ubuntu Eoan) | High | Won't Fix |
Bug #1881982: DoS vulnerability: cause resource exhaustion
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1881982 | DoS vulnerability: cause resource exhaustion | whoopsie (Ubuntu) | Medium | Fix Released | ||
1881982 | DoS vulnerability: cause resource exhaustion | whoopsie (Ubuntu Bionic) | Medium | Fix Released | ||
1881982 | DoS vulnerability: cause resource exhaustion | whoopsie (Ubuntu Groovy) | Medium | Fix Released | ||
1881982 | DoS vulnerability: cause resource exhaustion | whoopsie (Ubuntu Xenial) | Medium | Fix Released | ||
1881982 | DoS vulnerability: cause resource exhaustion | whoopsie (Ubuntu Focal) | Medium | Fix Released | ||
1881982 | DoS vulnerability: cause resource exhaustion | whoopsie (Ubuntu Eoan) | Medium | Won't Fix |
Bug #1882180: DoS vulnerability: fail to allocate
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1882180 | DoS vulnerability: fail to allocate | whoopsie (Ubuntu) | Undecided | Fix Released | ||
1882180 | DoS vulnerability: fail to allocate | whoopsie (Ubuntu Groovy) | Undecided | Fix Released | ||
1882180 | DoS vulnerability: fail to allocate | whoopsie (Ubuntu Bionic) | Undecided | Fix Released | ||
1882180 | DoS vulnerability: fail to allocate | whoopsie (Ubuntu Xenial) | Undecided | Fix Released | ||
1882180 | DoS vulnerability: fail to allocate | whoopsie (Ubuntu Focal) | Undecided | Fix Released | ||
1882180 | DoS vulnerability: fail to allocate | whoopsie (Ubuntu Eoan) | Undecided | Won't Fix |
See the
CVE page on Mitre.org
for more details.