Integer Overflow Vulnerability in Whoopsie: Out-of-Bounds Write and Potential Code Execution

Integer Overflow Vulnerability in Whoopsie: Out-of-Bounds Write and Potential Code Execution

CVE-2019-11476 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie process.

Learn more about our Cis Benchmark Audit For Ubuntu Linux.