Showing 1 - 12 of 12

CVE-2019-18874

Status Candidate

Overview

psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.

Related Files

Red Hat Security Advisory 2022-5070-01: Posted Aug 10, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5070-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include denial of service, out of bounds read, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2018-25032, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-18874, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-13435, CVE-2020-14155, CVE-2020-24370, CVE-2020-28493; SHA-256 | e7b215852adbc1951046d56f7036f6b75803672b4422c7ce6cb43592abad6003; Download | Favorite | View

Red Hat Security Advisory 2021-4324-02: Posted Nov 10, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4324-02 - psutil is a module providing an interface for retrieving information on all running processes and system utilization in a portable way by using Python. Issues addressed include a double free vulnerability.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2019-18874; SHA-256 | d5d02c975f45500c5739c50522cbddf275e63c129c6f1ccfa611f7858d833956; Download | Favorite | View

Red Hat Security Advisory 2021-4162-05: Posted Nov 10, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4162-05 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include code execution, cross site scripting, denial of service, double free, information leakage, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss, python; systems | linux, redhat; advisories | CVE-2019-18874, CVE-2020-28493, CVE-2021-20095, CVE-2021-23336, CVE-2021-28957, CVE-2021-29921, CVE-2021-33503, CVE-2021-3426, CVE-2021-3572, CVE-2021-42771; SHA-256 | e213dc130fe6c0f9ceeb6dbc6201ba34dd61a302b188cea3f4e8ad9fc8057754; Download | Favorite | View

Red Hat Security Advisory 2021-1313-01: Posted Apr 22, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-1313-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include double free, information leakage, and remote SQL injection vulnerabilities.; tags | advisory, remote, vulnerability, sql injection; systems | linux, redhat; advisories | CVE-2017-2662, CVE-2019-18874, CVE-2020-11612, CVE-2020-14335, CVE-2020-25633, CVE-2020-9402; SHA-256 | 27f926f5aa6dc020146bbe82a0e986564870461f6b710ded0e468168538e2d5c; Download | Favorite | View

Red Hat Security Advisory 2020-5249-01: Posted Nov 30, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-5249-01 - Fixed two jQuery vulnerabilities Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTP requests by default Updated several dependencies of Ansible Tower's User Interface to address Updated to the latest version of python-psutil to address CVE-2019-18874 Added several optimizations to improve performance for a variety of high-load simultaneous job launch use cases Fixed workflows to no longer prevent certain users from being able to edit approval nodes Fixed confusing behavior for social auth logins across distinct browser tabs Fixed launching of Job Templates that use prompt-at-launch Ansible Vault credentials. Issues addressed include code execution and cross site scripting vulnerabilities.; tags | advisory, web, vulnerability, code execution, xss, python; systems | linux, redhat; advisories | CVE-2019-18874, CVE-2020-11022, CVE-2020-11023, CVE-2020-7676, CVE-2020-7720, CVE-2020-7743; SHA-256 | 110dd18b4efb16ae0c10f48cfdb06ff0615e9ae0e93f088c11b253e73a4fd781; Download | Favorite | View

Red Hat Security Advisory 2020-4299-01: Posted Oct 21, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4299-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection, denial of service, and double free vulnerabilities.; tags | advisory, denial of service, vulnerability, python; systems | linux, redhat; advisories | CVE-2019-18874, CVE-2019-20907, CVE-2020-14422, CVE-2020-26116, CVE-2020-26137; SHA-256 | 68d399ed7e240bb3ab98c139304e5b93c1566ee5d259b9c3fa61f7327e6d6b4b; Download | Favorite | View

Red Hat Security Advisory 2020-4255-01: Posted Oct 14, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4255-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2017-12652, CVE-2018-20843, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12450, CVE-2019-12749, CVE-2019-14822, CVE-2019-14866, CVE-2019-14973, CVE-2019-15903, CVE-2019-16935, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-17546, CVE-2019-18874, CVE-2019-19126, CVE-2019-19956, CVE-2019-20386, CVE-2019-20388, CVE-2019-5094, CVE-2019-5188, CVE-2019-5482, CVE-2020-12243, CVE-2020-12400, CVE-2020-1240; SHA-256 | 5fa2b0edd19c548995fa81b56ae17dd75bbbcf0b7a9fd43d5777ad177066c16a; Download | Favorite | View

Red Hat Security Advisory 2020-4254-01: Posted Oct 14, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4254-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2017-12652, CVE-2018-20843, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12450, CVE-2019-12749, CVE-2019-14822, CVE-2019-14866, CVE-2019-14973, CVE-2019-15903, CVE-2019-16935, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-17546, CVE-2019-18874, CVE-2019-19126, CVE-2019-19956, CVE-2019-20386, CVE-2019-20388, CVE-2019-5094, CVE-2019-5188, CVE-2019-5482, CVE-2020-12243, CVE-2020-12400, CVE-2020-1240; SHA-256 | 95b6f149ed6564a7dba27bae8b6b98f52d801a1eb8ced363663ee391a124f69c; Download | Favorite | View

Red Hat Security Advisory 2020-2593-01: Posted Jul 1, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-2593-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a double free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2019-18874; SHA-256 | 5a75568a9901fe196baea3f4b03a0b40e08d6d6ed52bdeb5c0e77f9d0e39d7d0; Download | Favorite | View

Red Hat Security Advisory 2020-2635-01: Posted Jun 23, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-2635-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a double free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2019-18874; SHA-256 | 14bd30cfa9b2222884a210dc818ef22cd2863bafc1044e8c57af16be083535a7; Download | Favorite | View

Red Hat Security Advisory 2020-2583-01: Posted Jun 23, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-2583-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and double free vulnerabilities.; tags | advisory, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2019-18874; SHA-256 | 1d23ade26a307c42c305bad4a55337a7b1a795f0a3383c6ead3f65bd966afdc7; Download | Favorite | View

Ubuntu Security Notice USN-4204-1: Posted Nov 28, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4204-1 - Riccardo Schirone discovered that psutil incorrectly handled certain reference counting operations. An attacker could use this issue to cause psutil to crash, resulting in a denial of service, or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2019-18874; SHA-256 | adc7ec85d31f5349a8be376afe8cf08edc4acfe1a9f39099e09b041b7b93cb51; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 188 files
Ubuntu 70 files
Debian 26 files
Google Security Research 14 files
malvuln 11 files
Gentoo 10 files
nu11secur1ty 7 files
mjurczyk 4 files
Apple 3 files
Julien Ahrens 3 files

File Archives

Systems

AIX (426)
Apple (1,926)
BSD (370)
CentOS (55)
Cisco (1,917)
Debian (6,628)
Fedora (1,690)
FreeBSD (1,242)
Gentoo (4,272)
HPUX (878)
iOS (330)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (44,192)
Mac OS X (684)
Mandriva (3,105)
NetBSD (255)
OpenBSD (479)
RedHat (12,376)
Slackware (941)
Solaris (1,607)
SUSE (1,444)
Ubuntu (8,176)
UNIX (9,154)
UnixWare (185)
Windows (6,506)
Other

CVE-2019-18874

Overview

Related Files

File Archive:

December 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems