CVE-2019-12109

Published: 15 May 2019

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
miniupnpd
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 20.10 (Groovy Gorilla) Not vulnerable
(2.1-6ubuntu2)
Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
(2.1-6ubuntu2)
Ubuntu 18.04 LTS (Bionic Beaver) Needs triage

Ubuntu 16.04 LTS (Xenial Xerus)
Released (1.8.20140523-4.1+deb9u2build0.16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Ubuntu 12.04 ESM (Precise Pangolin) Does not exist