Your submission was sent successfully! Close

CVE-2019-9706

Published: 12 March 2019

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (use-after-free and daemon crash) because of a force_rescan_user error.

Priority

Low

CVSS 3 base score: 5.5

Status

Package Release Status
cron
Launchpad, Ubuntu, Debian
bionic
Released (3.0pl1-128.1ubuntu1.1)
cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Not vulnerable
(3.0pl1-134ubuntu1)
focal Not vulnerable
(3.0pl1-134ubuntu1)
groovy Not vulnerable
(3.0pl1-134ubuntu1)
hirsute Not vulnerable
(3.0pl1-134ubuntu1)
impish Not vulnerable
(3.0pl1-134ubuntu1)
jammy Not vulnerable
(3.0pl1-134ubuntu1)
precise Ignored
(end of ESM support, was needs-triage)
trusty Needed

upstream
Released (3.0pl1-133)
xenial
Released (3.0pl1-128ubuntu2+esm1)