CVE-2020-15570
Published: 6 July 2020
The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.
Priority
CVSS 3 base score: 5.5
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15570
- https://github.com/sungjungk/whoopsie_killer2/blob/master/README.md
- https://github.com/sungjungk/whoopsie_killer2/blob/master/whoopsie_killer2.py
- https://launchpad.net/ubuntu/+source/whoopsie
- https://www.youtube.com/watch?v=oZXGwC7PWYE
- https://ubuntu.com/security/notices/USN-4450-1
- NVD
- Launchpad
- Debian