[Bug 1881982] Re: memory exhaustion in parse_report()

2020-06-19 Thread Seong-Joong Kim
** Description changed: Hi, I have found a security issue on whoopsie 0.2.69 and earlier. - ## Vulnerability in whoopsie - - It was discovered that whoopsie incorrectly handled certain malformed crash files. If a user using whoopsie were tricked into parsing and uploading a specially

[Bug 1881982] Re: memory exhaustion in parse_report()

2020-06-17 Thread Seong-Joong Kim
Exploitation of this issue causes excessive memory consumption, which results in the Linux kernel triggering the OOM killer on an arbitrary process. This results in the process being terminated by the OOM killer. Please check the following PoC: whoopsie_killer.py ** Attachment removed: "memory leak

[Bug 1872560] Re: integer overflow in whoopsie 0.2.69

2020-06-17 Thread Seong-Joong Kim
I am utilizing 8GB of RAM and the pre-compiled version of Ubuntu 18.04. Could you tell me how much RAM you have in that machine? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1872560 Title:

[Bug 1881982] Re: memory exhaustion in parse_report()

2020-06-15 Thread Seong-Joong Kim
** Description changed: Hi, I have found a security issue on whoopsie 0.2.69 and earlier. ## Vulnerability in whoopsie - - whoopsie 0.2.69 and earlier have a memory leak vulnerability. - - An attacker can cause a denial of service (application crash) via a crafted .crash file. + - It

[Bug 1881982] Re: memory exhaustion in parse_report()

2020-06-15 Thread Seong-Joong Kim
** Summary changed: - Memory leak in parse_report() + memory exhaustion in parse_report()

[Bug 1881982] Re: Memory leak in parse_report()

2020-06-15 Thread Seong-Joong Kim
This vulnerability may cause a memory exhaustion vulnerability in the function parse_report() in whoopsie.c, which allows attackers to cause a denial of service.

[Bug 1881982] Re: Memory leak in parse_report()

2020-06-10 Thread Seong-Joong Kim
** Information type changed from Private Security to Public Security

[Bug 1877023] Re: Unhandled exception in check_ignored()

2020-05-19 Thread Seong-Joong Kim
** Also affects: apport Importance: Undecided Status: New

[Bug 1876659] Re: Unhandled exception in run_hang()

2020-05-19 Thread Seong-Joong Kim
** Also affects: apport Importance: Undecided Status: New

[Bug 1877023] Re: Unhandled exception in check_ignored()

2020-05-18 Thread Seong-Joong Kim
** Project changed: apport => apport (Ubuntu)

[Bug 1872560] Re: integer overflow in whoopsie 0.2.69

2020-05-06 Thread Seong-Joong Kim
Sure. This issue is also reproducible with pre-compiled version of 0.2.62ubuntu0.4.

[Bug 1872560] Re: integer overflow in whoopsie 0.2.69

2020-05-05 Thread Seong-Joong Kim
Thank you for your reply. Please check the following video. https://youtu.be/pGfOzcgd5CU It also affects whoopsie 0.2.69. Thanks.

[Bug 1876659] [NEW] Unhandled exception in run_hang()

2020-05-03 Thread Seong-Joong Kim
Public bug reported: ## Description When we start apport-cli without PID, an unhandled exception in apport 2.20.11 and earlier may allow an authenticated user to potentially enable a denial of service via local access. The following command may cause an application crash due to an unhandled

[Bug 1872560] Re: integer overflow in whoopsie 0.2.69

2020-04-22 Thread Seong-Joong Kim
** Summary changed: - heap-based buffer overflow in bson.c + integer overflow in whoopsie 0.2.69

[Bug 1872560] Re: heap-based buffer overflow in bson.c

2020-04-22 Thread Seong-Joong Kim
I would like to update the contents of 'Attack Scenario'. from: $ python -c "print('A' * 0x + ' : ' + 'B')" > /var/crash/fake.crash to: $ python -c "print('A' * 0xFFFE + ' : ' + 'B')" > /var/crash/fake.crash Segfault can arise when the following requirements are met, as I mentioned

[Bug 1872560] Re: heap-based buffer overflow in bson.c

2020-04-22 Thread Seong-Joong Kim
** Information type changed from Private Security to Public Security

[Bug 1819406] Re: Found broken a feature for fingerprint image obfuscation

2019-07-27 Thread Seong-Joong Kim
CVE-2019-13604 and CVE-2019-13621 have been assigned. Please check the following PoC: https://github.com/sungjungk/fp-scanner-hacking https://github.com/sungjungk/fp-img-key-crack ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-13604 ** CVE added:

[Bug 1822590] Re: Found storing user fingerprints without encryption

2019-04-15 Thread Seong-Joong Kim
In Ubuntu, that would be good. Btw, I would like to request an escalation of importance. I think that this issue can be even more important than password exposure in cleartext. Once a fingerprint has been leaked, victims are leaked for the rest of their lives since it lasts for life. Then, it severely

[Bug 1822590] Re: Found storing user fingerprints without encryption

2019-04-09 Thread Seong-Joong Kim
** Information type changed from Private Security to Public Security

[Bug 1819406] Re: Found broken a feature for fingerprint image obfuscation

2019-03-21 Thread Seong-Joong Kim
It is a demo video: https://www.youtube.com/watch?v=Grirez2xeas

[Bug 1819406] Re: Found broken a feature for fingerprint image obfuscation

2019-03-21 Thread Seong-Joong Kim
Please check the following PoC. https://github.com/sungjungk/fp-img-deobfuscator

[Bug 1819406] Re: Found broken a feature for fingerprint image obfuscation

2019-03-15 Thread Seong-Joong Kim
It seems that the uru4000 driver is affected by a weak? or broken? obfuscation feature, allowing MITM attackers to discover user's precious fingerprint images. ** Information type changed from Public to Public Security

[Bug 1819406] Re: Found broken a feature for fingerprint image obfuscation

2019-03-14 Thread Seong-Joong Kim
What do you think of this issue?

[Bug 1818936] Re: Found hard-coded secret-key for challenge-response on libfprint

2019-03-11 Thread Seong-Joong Kim
It is https://gitlab.freedesktop.org/libfprint/libfprint/issues/151 ** Bug watch added: gitlab.freedesktop.org/libfprint/libfprint/issues #151 https://gitlab.freedesktop.org/libfprint/libfprint/issues/151

[Bug 1819406] Re: Found broken a feature for fingerprint image obfuscation

2019-03-11 Thread Seong-Joong Kim
Could you check the following link? https://gitlab.freedesktop.org/libfprint/libfprint/merge_requests/47

[Bug 1819406] [NEW] Found broken a feature for fingerprint image obfuscation

2019-03-10 Thread Seong-Joong Kim
Public bug reported: Dear all, In this package, a random seed is used to generate the key for obfuscating a fingerprint image in the uru4000 driver. Unfortunately, it seems that the seed always exhibits the same sequence of numbers each time since it is generated from rand() in libc by default.

[Bug 1818936] Re: Found hard-coded secret-key for challenge-response on libfprint

2019-03-10 Thread Seong-Joong Kim
Okay! I just reported it to upstream.

[Bug 1818938] Re: Found storing user fingerprints as raw image files

2019-03-10 Thread Seong-Joong Kim
Okay! I just reported it to upstream.

[Bug 1818936] Re: Found hard-coded secret-key for challenge-response on libfprint

2019-03-06 Thread Seong-Joong Kim
** Information type changed from Public to Public Security

[Bug 1818938] Re: Found storing user fingerprints as raw image files

2019-03-06 Thread Seong-Joong Kim
** Information type changed from Public to Public Security

[Bug 1818938] [NEW] Found storing user fingerprints as raw image files

2019-03-06 Thread Seong-Joong Kim
Public bug reported: Dear all, Currently, libfprint saves a fingerprint image (FP1 or 2?) to a file on the host without any encryption. Once a fingerprint has been leaked, victims are leaked for the rest of their lives since it lasts for life. It is necessary to prepare for the problem. Especially,

[Bug 1818936] [NEW] Found hard-coded secret-key for challenge-response on libfprint

2019-03-06 Thread Seong-Joong Kim
Public bug reported: Dear all, We need to fix the hard-coded symmetric key for challenge-response authentication in the `uru4000 driver`. The driver uses a symmetric-key technique to encrypt the challenge data using the AES encryption algorithm for authentication. "2nd generation MS devices added an

[Bug 1780365] Re: Credentials located in gnome-keyring can be compromised easily

2018-11-18 Thread Seong-Joong Kim
** Information type changed from Private Security to Public Security

[Bug 1772919] Re: pam-gnome-keyring.so reveals user’s password credential as a plaintext form

2018-07-13 Thread Seong-Joong Kim
Please check the attached patch applied on gnome-keyring 3.28. (see https://bug781486.bugzilla-attachments.gnome.org/attachment.cgi?id=350049)

[Bug 1780365] Re: Credentials located in gnome-keyring can be compromised easily

2018-07-06 Thread Seong-Joong Kim
** Description changed: Dear all, I figure out that login credentials, located in gnome-keyring, can be easily compromised. Linux based on Gnome basically uses ‘gnome-keyring’ as their backend to store login credentials in a secure manner. Specifically, google-chrome browser,

[Bug 1780365] [NEW] Credentials located in gnome-keyring can be compromised easily

2018-07-05 Thread Seong-Joong Kim
Public bug reported: Dear all, I figure out that login credentials, located in gnome-keyring, can be easily compromised. Linux based on Gnome basically uses ‘gnome-keyring’ as their backend to store login credentials in a secure manner. Specifically, google-chrome browser, network-manager and

[Bug 566075] Re: no way to specify the password

2018-05-23 Thread Seong-Joong Kim
** Information type changed from Public to Public Security